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Preface 


This handbook is intended for utility operators to explain the process 
safety integrity issues with the focus on maintaining the long term 
sustainability, efficiency and effectiveness of the utility assets. It is 
hoped this handbook provides the basis of the essentials for 
managers and key engineers responsible for the ownership , 
operation and maintenance of assets in the utility sector 


Many thanks Farooq Janjua, Riyadh, KSA , July 2014 


Nothing is so important that we cannot take the 
time to do it safely and properly 
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SECTION 1 : INTRODUCTION 


1.1 Introduction 


At the onset the challenges faced by common process operators is to lower Operational Risk and improve 
Production Efficiency or...is the Key to better optimize how we manage operation and maintenance workload 
against a developed risk management policy 


The aim of this book is to provide an overview of the holistic understanding of assessing and understanding 
operational risks and the need for standardization & systematization of working practices for prioritization of 
safety related and production critical work 


In connection with link between management of assets , safety and risks which is the theme of this book the 
common link is the need for a process plant to maintain safe and reliable sustainable operational performance 


The challenge for example in operating ageing assets as a common issue amongst utility operators is the need 
for dependable equipment, competent personnel and effective systems. Some quotations regarding ageing 
equipment from the UK Regulator 


“Ageing is not about how old the equipment is. It’s about what is known about its condition, and how that’s 
changing over time” HSE Research Report RR509 - ‘The plant ageing guide’ 


“Ageing is...where a component suffers deterioration and damage (usually, but not necessarily, associated with 
time in service) with an increasing likelihood of failure.... HSE Research Report RR823 - ‘Plant Ageing Study’ 


The underlying theme of this book therefore is a set of ten common themes towards a sustainable plan for 
asset and process integrity 


1. Conduct an analysis with an approved asset management integrity performance instrument (Data & KPI 
Collection) 

. Develop a Management Control Reporting System (MCRS) 

. Define the system, processes, people and entities evolved programs 

. Development of documentation/process standards 

. Design and agree a verification program/process 

identification of Safety Critical Equipment and processes ( Safety Case, Bow-Tie, Hazid/op) 

. Define maintenance, testing, monitoring, inspections, and operations involvement 

. Risk management assured through QA/QC (development of performance standards, assurance standards 

and maintenance strategies) 
9. Integration of standards and specifications with tools and reporting 
10. Training & Coaching program - ( KEY TO SUSTAINABILITY ! ) 


CON DU BWN 


Some examples of some typical general challenges in achieving this may be as follows : 


Dependable equipment : Equipment projected as not fit for purpose ,Increased congestion of equipment and 
removal of redundant equipment ,replacement of obsolete equipment ,operation outside original design or 
lack of turn down capacity , reducing equipment and key system reliability , need to upgrade to meet latest 
HSE standards 


Effective systems : Lack of clarity for ownership of knowledge between operator and sub-contractors , low 
implementation of documentation systems ,Compliance with current and future environmental legislation 


Competent personnel : Flexible and changing workforce, leaner organisations with increased reliance on sub- 
contractors 


1.2 Organisation and Responsibilities towards safety 


Before we examine the role of Operation and maintenance and assets in the overall process / risk assessment 
let us start with the theme of safety 


As part of the importance of an organization in developing and implementing safety management systems 
which are well described in many publications and books , so is not described here , it is important that in 
developing n operational organization should also understands that its employees at all levels must play their 
part in ensuring safety. 


Improvements to the working environment take time and money, therefore everyone must realise that the 
process of improvement is a continuous one. An operational organization should consult with its employees to 
identify the most effective ways to make the improvements necessary 


This is clear and in terms of an organization it is typically expected that all employees at all levels are 
responsible for: 


e Being aware of the Company Health and Safety Policy 

e Being aware of and following the organisation’s systems and procedures for safe working 

e Taking an active role in continual improvement by identifying to their line manager any shortcomings 
in the safe systems/procedures 

e Caring for their own health and safety and that of anyone affected by their work 

e Reporting anything that is unsafe or a risk to health 


It is important to realize that as a typical statement that an organization should understand that health and 
safety at work depends upon the inherent safety of the working environment. 


An operational organization should therefore provide: 


e Safe plant and systems of work 

e Safe means of using, handling, storage and transportation of articles and substances 
e Safety information, instruction, training and supervision 

e Safe place of work with safe access and egress 

e Safety for people not employed but affected by its undertaking 


so far as is reasonably practicable. Where the working environment falls short of the above standards, the 
organization should strive to improve conditions until they meet the standards. 


In addition to these universal responsibilities, setting an organization within the company should ensure the 
clear roles and responsibilities of the managers and supervisors towards safety — Example of the typical 
responsibilities as follows: 


Managing Director 


An organisation’s managing director is ultimately responsible for all health and safety matters in respect of the 
organisation’s activities 


His responsibilities can for example typically include the following : 
e Ensuring that the other Directors are provided with adequate resources and assistance to enable him 
to fulfill their duties. 
e Reviewing the Directors monthly reports on health and safety performance. 
e = Typically for example reporting health and safety performance to the Board at regular intervals ( eg 
every six months or as required depending upon the type, activity and size of the organization ) 


Other Directors 


Other directors within an operational organization are typically responsible to the Managing Director for all 
health and safety matters in respect of the organisation’s activities. 


They are responsible for the implementation of the Company Policy in accordance with the current policy 
statement. 


They are assisted by both the External Health and Safety Adviser and the OHS Manager. Their 
responsibilities typically can include the following: 


e Reporting Health and Safety performance to the representative director every 3 months 

e Accepting and reviewing the monthly Health and Safety performance reports provided by their 
reports 

e Keeping the Health and Safety Policy under review and recommending necessary or desirable 
modifications to the Managing Director 

e Monitoring the implementation of the Company Policy and taking such action as is necessary to 
maintain its effective functioning 

e Being alert and encouraging others to be alert to detect hazards, particularly those arising from 
changed circumstances, and arranging for appropriate precautions to be taken 

e Arranging that their reports have adequate training, information, instruction, supervision and 
resources to undertake their responsibilities 

e ~=Authorising such expert advice from outside the Company as they judge necessary or desirable 

e = Chairing safety committee meetings 

e Taking all reasonable opportunities to consult employees on health and safety matters and 
encouraging suggestions for improvements 

e Keeping abreast of the health and safety aspects of statutory employment requirements and taking 
action to maintain the Company’s compliance 

e Setting a personal example at all times 


Human Resource Director 


The HR Department Director in an organization is typically responsible for: 


e Reporting Health and Safety training performance to the project manager every month 

e Managing the Health and Safety Training Team (when set up) 

e Maintaining a database of training requests from all business units using the Training Team 
administrative resource 

e Scheduling and delivery of training to all business units using the Training Team administrative 
resource 

e Ensuring that the Training Team are adequately resourced, trained and competent 

e Arranging for expert advice and guidance for the training team, including preparation of training 
plans, manuals and codes of practice 

e Attending safety committee meetings 

e Setting a personal example at all times 


Safety Manager 


The Safety Manager is typically responsible in an organization for: 


° Reporting Health and Safety performance to the Managing Director every month 

° Keeping the Company Policy under review and recommending necessary or desirable modifications 
to the Project Manager 

° Monitoring the implementation of the Company Policy and taking such action as is necessary to 
maintain its effective functioning 

° Arranging safety audits and safety inspections as required 

° Being alert and encouraging others to be alert to detect hazards, particularly those arising from 
changed circumstances, and arranging for appropriate precautions to be taken 

° Keeping abreast of the health and safety aspects of statutory employment requirements and taking 
action to maintain the Company’s compliance 

° Arranging and attending safety committee meetings 

° Arranging that Health Safety and Welfare appears as a standard item on the agenda for Monthly 


Staff Meetings 


° Taking all reasonable opportunities to consult employees on health and safety matters and 
encouraging suggestions for improvements 


° Organising and managing an annual Training Plan for all Operational and Maintenance staff 

° Organising and arranging for any training required by Safety Representatives 

° Providing advice on all health safety and welfare matters to all the organisations staff 

° Investigation of all accidents, near misses or ill health, and reporting any findings to the Project 
Manager and taking appropriate action 

° Setting a personal example at all times 


Senior Managers in the Organisation 


The organisation’s senior managers are typically responsible for: 


° Reporting Health and Safety performance to their Directors every month 

° Liaising with the OHS Manager over the implementation of the Company Policy and taking such 
action as is necessary to maintain its effective functioning 

° Ensuring that all hazards are assessed and appropriate safe methods of working adopted 

° Being alert and encouraging others to be alert to detect hazards, particularly those arising from 
changed circumstances, and arranging for appropriate precautions to be taken 

° Liaising with the OHS Manager over the preparation of an annual Training Plan for all Operational 
and Maintenance staff 

° Taking all reasonable opportunities to consult employees on health and safety matters and 
encouraging suggestions for improvements 

° Attending safety committee meetings 

° Setting a personal example at all times 


Site Managers 


The Site Managers within the organization are typically responsible for: 


e Reporting Health and Safety performance to their Manager every month 

e Maintaining a working environment that, so far as is reasonably practicable, is without risk to the 
health and safety of anyone affected 

e Being aware of the Company Heath and Safety Policy, and assisting in the implementation thereof, 
and taking such action as is necessary to maintain its effective functioning 

e Liaising with the OHS Team over the implementation of the Company Policy 

e Liaising with the OHS Team over the preparation of an annual Training Plan for all Finance, 
Administration and Personnel staff 

e Taking all reasonable opportunities to consult employees on health and safety matters and 
encouraging suggestions for improvements 

e Setting a personal example at all times 


Operational or Maintenance Supervisor 


An organisation’s Operational or Maintenance Supervisor is typically responsible for: 


e Consulting with the operational or maintenance teams and preparing a monthly Health and Safety 
performance report for the Plant Manager 

e = Maintaining a working environment that, so far as is reasonably practicable, is without risk to the 
health and safety of anyone affected 

e Identifying any shortfall in the training needs of operatives and advising the plant manager 

e Being aware of the Company Heath and Safety Policy, assisting in the implementation thereof and 
taking such action as is necessary to maintain its effective functioning 

e Being alert and encouraging others to be alert to detect hazards, particularly those arising from 
changed circumstances, and arranging for appropriate precautions to be taken 

e Attending safety committee meetings 

e Setting a personal example at all times 


Safety representatives 


Safety representatives may be appointed from any level within the company to represent the interests of the 
workforce with regards to health and safety at work. Whilst carrying out their Safety representative functions 
they do not sit within the management structure and should not feel constrained by their normal operational 
role. 


The functions of a safety representative are to: 
e Take reasonably practical steps to keep informed of: 
o The legal requirements relating to the health and safety of people at work, particularly the 
group of people they directly represent 
o The particular workplace hazards and the measures necessary to eliminate or minimise the 
risks deriving from these hazards 
o The Health and Safety Policy 
e Encourage co-operation between the employer and his employees in promoting and developing 
essential measures to ensure the health and safety of the workforce and in checking the effectiveness 
of these measures 
e Investigate, normally in co-operation with the Co-ordinating Supervisor/Safety Adviser: 
e Hazards and accidents in the workplace 
o Employee complaints relating to health, safety or welfare 
e Carry out inspections in the workplace 
e Alert the employer, in writing, to any unsafe or unhealthy working practices or conditions, or 
unsatisfactory arrangements for welfare at work 
e Represent the employees to whom he/she has been appointed in consultation with Inspectors from 
any external enforcing safety authority 
e Receive information from any external enforcing safety authority 
e = Attend Safety Committee meetings 


1.3 Planning and Implementation 


It is important that an organisation develops and maintain a plan for continuous improvement of the working 
environment and the health and safety competency of its employees. The start point for this plan is the 
condition survey report which identifies the majority of defects on individual larger sites and common defects 
at well sites. The plan will be a “living document” that continuously develops as new defects and training 
needs emerge. The plan will also include a list of high risk activities and environments that require specific 
procedures to keep people safe. 


Each site owner will contribute to the plan by confirming or otherwise the defects identified for their site, and 
by identifying further defects as they become apparent. The site owner will also identify the high risk activities 
and environments on his/her site. 


Each line manager will contribute to the plan by identifying the existing level of safety training for their direct 
reports, and by identifying the training needs of individuals in relation to the work they do. 


The plan will identify the estimated cost for improvements to the physical environment and will include a 
budget for implementing the improvements over a period of time. Wherever practical, the budget will be 
based on a cost benefit analysis so that the maximum risk reduction can be achieved at the lowest cost. 


The plan will identify the estimated cost of providing training throughout the company and will include a 
budget for initial and refresher training over time. The budget will be based on a risk benefit analysis so that 
those employees most at risk from their work activities will be trained first. 


The organisation should ensure that they will implement the plan for physical improvements by allocating 
tasks and targets to each line manager and each site owner as resources become available. Some tasks will be 
undertaken in-house, and some tasks will be delivered by external contractors. Each task and target completed 
will be reported to the plan owner, together with a feedback form to record whether implementation achieves 
the desired effect or not. Where a task or target does not achieve the desired effect it will be investigated to 
find potential improvements so that, if repeated elsewhere, it will be increasingly successful 


The organization should also wherever practicable, implement the plan for safety training by integrating the 
safety and operational features of any task so that the training improves safety and operational performance 
at the same time. 


It is also essential that the organization provide a Health and Safety Handbook to each employee. The 
handbook will provide information and guidance on controlling high risk activities and environments. Each 
employee is expected to read the handbook and sign a receipt for it. The handbook will be reviewed at least 
annually, and revisions made where necessary. The handbook will identify activities that require additional 
training, enabling the employee to identify their own training needs 


1.4 Monitoring Performance 


Performance will be monitored for physical improvements and for training, with each part for example 
typically being allocated 50% of the total performance report. 


Normal Reports ; 


Performance against a plan is typically expected to be continuously monitored using the monthly report 
mechanism. A standard monthly report form will be used that records tasks and targets allocated and training 
planned. The reporter will state the percentage achievement for each item. The project manager will typically 
collate the reports and provide an overall report to the Director every 3 months. 


It is usual that the director will collate the 3 monthly reports and provide a summary report to the Board say 
every 6 months. 


Exception Reports : 


Occasionally an incident may occur or a site may fail significantly to meet its targets. Should this happen, a 
reporter at any level may raise or pass on an exception report for immediate transmission to the next level of 
management. The report will provide details of the event and reasons for its occurrence. Where possible the 
report should also include suggestions for improvement 


Accident / Incident Reports : 


Any accident/incident investigation report relating to a reportable event shall be treated as an exception 
report and will always be transmitted to the Project Manager. Reportable events are defined within the 
accident/incident investigation protocol. 


Internal Audit Reporting : 


It can be expected that say a safety advisor will carry out a number of internal audits each month in 
consultation with the site managers. These reports will be used to verify the quality of the monthly reporting 
mechanism. 


1.5 International Best Practice 


International best practice is now seen as “goal setting” rather than prescriptive. 

This requires managers at all levels to achieve an appropriate level of risk reduction, based on the 
circumstances of the hazards faced in the specific work environment and the cost of reducing that risk. The 
factors used to assess the risk and the risk reduction are: 


e The severity of an incident 

e The likelihood of an incident 

e The frequency of the activity 

e The number of people engaged in the activity 
e The cost of reducing or eliminating the hazard 


For example, if there are damaged handrails in two similar locations, one of which is used regularly, and the 
other used rarely, priority must be given to the location in regular use. The UK produces “goal setting” 
Regulations based on the requirements of European directives on Health and Safety at Work. These 
Regulations are generally seen as setting world-wide best practice and have been adopted either directly or 


with small changes to suit local conditions by many countries across the world. The UK Regulations have the 
benefit of being specific to the typical hazard, for example, the 

Confined Spaces Regulations, the Lifting Operations and Lifting Equipment Regulations, the Manual Handling 
Regulations etc. 


1.6 Prioritised Reporting 


Each site owner / network manager is required to identify defects on their site, using the Guidance Note to 
assist in the process. To avoid overloading the data collection process, which would in turn overload the 
prioritisation process, only one or two subject headings should be tackled at a time. 


A single defects sheet contains space for 5 defects to be identified. At one sheet per week, some 250 defects 
could be identified each year on each site. As there are physical and financial limits on what could be done on 
a site, it is expected that no more than 1 or 2 sheets per week should be returned. This constraint will also 
encourage site owners to concentrate on their known safety priorities. 


1.7 Data Collation and Reporting 


A defects sheet should typically be completed and returned to the asset management team. The team will 
enter the data into a database, assign priorities, and arrange for the work to be processed ether via the site 
owner, or via a term or maintenance contract. 


The database shall meet the needs of the asset management team for the purposes of safety and operations. 


The database will contain the raw information, and further fields for priority, work ordered, progress, 
completion etc. Reports shall be produced showing progress against identified priority defects and against all 
defects recorded 


Concerning a Safety Deficiencies Guidance Note this can be described as a prime working document for site 
owners, which can be adopted as a means of identifying safety and operational deficiencies. Further 
information is provided in section 5 and 6 dealing with asset assessments and asset safety condition surveys 
Typically also the Asset Management Team can also construct the database for collation of the information, 
such that the database serves all the needs of asset management, including safety deficiencies. Typically , also 
this work is carried out in-house by the maintenance teams where practical and a term contract be established 
with teams of specialists to carry out the remaining specialised necessary repairs and improvements identified 
and prioritised by the Asset Management Team 


Example : Safety Deficiencies Data Collection Form 


Site Name : Date: Site Owner : 

Example shown below in shaded area 

Building or area: Equipment Identifier/ Asset No: Equipment description: 
Chlorinator Room Cc1, CC2, CC3 Electrical cabinets 
Location of Defect: Safety Defect: [L| Operational Defect: L Both: 

Doors Estimated Priority (1 to 5, 1 = urgent): 4 


Description of defect: Old style electrical cabinet doors cannot be locked to prevent unauthorized access. 


Building or area: Equipment Identifier/ Asset No: Equipment description: 
Location of Defect: Safety Defect: [| Operational Defect: |] Both: 
Estimated Priority (1 to 5, 1 = urgent): 


Description of defect: 


Building or area: Equipment Identifier/ Asset No: Equipment description: 
Location of Defect: Safety Defect: [| Operational Defect: |] Both: 
Estimated Priority (1 to 5, 1 = urgent): 


Description of defect: 
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Building or area: 


No: 


Equipment Identifier/ Asset 


Equipment description: 


Location of Defect: 


Safety Defect: 


Operational Defect: 
Estimated Priority (1 to 5, 1 = urgent): 


Both: 


Description of defect: 


Appendix : Example of Safety Deficiencies Guidance 


Note : Below is a typical/ example only which needs to be developed on site specific basis 


Physical Hazard 


Identification 


Controls 


Chlorine 


What to look for. 

e Unsupported cylinders. 

e Corroded pigtails. 

e Lack of replacement washers for 
connections. 

e Sensors out of date. 


e Alarm systems not functioning correctly. 


e Ventilation system not linked to sensors 
and alarms. 

e Damaged or very stiff valves. 

e Missing warning signs 

e Drum lifting beam not present. 


e Scales not calibrated, missing, damaged. 


e Drums not marked as full, empty, duty, 
standby. 

e Chlorguard system, if fitted, not 
functioning. 

e Emergency repair kits not available. 

e Drum rollers not free to move. 

e Ammonia leak detector bottle not 
available or empty. 


What to do. 

e Support all cylinders in the upright 
position, including those not in use. 

e Replace corroded pigtails, and replace at 
least annually. 

e Ensure a minimum of 3 months supply of 
washers is available. 

e Out of date sensors to be replaced 
immediately. 

e Ensure sensors and alarm system are 
calibrated and checked annually, or 
immediately upon indication of failure. 

e Ensure that the ventilation system 
operates and shuts down at the correct 
sensor points. 

e Cylinders or drums with damaged or very 
stiff valves to be rejected and the supplier 
to collect at own expense. 

e All chlorine rooms to be fitted with 
warning signs 

e Chlorine drums are only to be lifted with 
a proper drum lifting beam. 

e Scales for weighing chlorine are to be 
calibrated annually, or after any damage. 

e All drums to be clearly marked full, 
empty, duty or standby. 

e Chlorguard systems must be checked at 
least monthly for correct operation and 
where supplied, must be fitted and used. 

e Emergency repair kits suitable for 
cylinders or drums to be supplied and kept 
on site for ready use. 

e Drum rollers to be checked for free 
movement and maintained/repaired as 
necessary. 

e Ensure ammonia leak detector bottle is 
available and ready for use. 


Confined spaces 


What to look for. 

e Confined spaces, such as 

inspection chambers, pits, tanks, silos, 
chemical stores, chlorine stores, 
generator housings etc. 

e Means of controlling access to 
confined spaces (doors, covers 

etc.) 


What to do. 

e Place a sign on the site entrance stating 
“Treat all inspection chambers, pits, tanks, 
silos, chemical stores, chlorine stores, 
generator housings etc. as confined spaces 
— entry by authorised persons only” 

e Mark all above ground confined spaces 
with a warning sign and ensure all confined 
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e Inadequate ventilation of 
confined spaces entered 
regularly 


spaces have an adequate barrier to access. 
e Repair/maintain or install adequate 
permanent ventilation and clean any filters 
as necessary 


Electricity What to look for. What to do. 

e Open or unlocked panels. e Close and lock all panels not being 

e Isolating panels without lock-off worked on. 

facilities. e Ensure isolating panels can be locked off. 

e Loose cables. e Secure loose cables to cable trays or 

e Improper cable connections similar. 

(chocolate block, bare wire etc.) e Remove all improper cable connections 

e Live conductors in panels without from site. 

shrouding. e Accessible live conductors must be made 

e Sagging overhead cables. inaccessible by shrouding or similar. 

e Cables on walkways e Ensure overhead cables are properly 

e Unfenced high voltage supported and place warning signs if a high 

transformers. vehicle hazard remains. 

e Note: detailed electrical safety e Re-route cables away from walkways. 

inspections must be carried out e Fence or otherwise protect all high 

by competent electricians. voltage transformers, and place warning 
signs. 
e Arrange for a competent electrician to 
inspect the site. 

Fire Safety What to look for. What to do. 
e Adequate numbers of fire e Provide additional extinguishers as 
extinguishers. necessary. 


e Extinguishers in date and 
correctly mounted. 

e High risk areas (oil, grease and 
fuel storage, packaging, stores). 

e Fire hose reels in good condition. 


e Arrange a central contract for inspection 
and replacement of extinguishers. 

e Place warning signs for high risk areas. 

e Check fire hose reel operation and 
arrange for maintenance if necessary 


Lifting equipment 


What to look for. 

e Current certification. 

e All equipment in good condition, 
e Lifting accessories marked with 
safe working load. 


What to do. 

e Arrange for certification of the 
equipment. Annual for all lifting equipment 
and 6 monthly for accessories. 

e Destroy or scrap all accessories in poor 
condition, arrange repair or maintenance 
of lifting equipment. 

e Accessories not marked with safe 
working load to be scrapped. 


Chemicals 


What to look for. 

e Chemicals stored in unmarked 
containers. 

e Acids and alkalis stored together. 

e Excessive storage of chemicals in 

containers rather than in bulk 
tanks. 

e Spills of chemicals. 

e Old containers of paint, oils, 

greases etc. in workshops. 


e Waste oils in transport workshops. 


What to do. 

e Remove and dispose of all unmarked 
containers. 

Where necessary, arrange for disposal as 
hazardous waste. 

e Acids and alkalis must be stored 
separately. Where both are needed ina 
closed environment then store each type in 
trays or bunds to limit the possibility of 
mixing. 

e Limit orders of chemicals to manageable 
amounts, do not order more than can be 
used in a month, or consider changing to 
bulk storage. 

e Chemical spills to be mopped up with 
absorbent material or diluted with water (if 
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safe) and washed away. 

e Old containers of paint, oils and greases 
should be disposed of as hazardous waste. 
e Waste oils produced during vehicle 
maintenance should be stored in 
flameproof containers and collected from 
site weekly 


Slip, trip or fall 
from height 


What to look for. 

e Uncovered and unprotected 
openings into chambers, tanks 

etc. 

e Coverings to walkways, tanks etc. in 
poor condition or not properly secured. 
e Loose, damaged or missing 

handrails or toe-boards to 

elevated walkways. 

e Fixed ladders in poor condition, 
corroded or loose. 

e Portable ladders in poor 

condition, damaged or painted. 

e Scaffolding platforms constructed 
without adequate handrails, toeboards or 
scaffold boards. 


What to do. 

e Replace covers to openings where 
practical, and place barriers around 
openings where the cover cannot be 
replaced immediately. 

e Identify covers in poor condition or not 
properly secured and schedule them for 
maintenance or replacement/repair. 

e Identify missing handrails and schedule 
them for immediate replacement/repair. 
Loose or damaged handrails and 
toe-boards must also be scheduled for 
maintenance or repair as a second priority. 
Overall priority must be given to areas in 
frequent use. 

e Fixed ladders in a dangerous condition 
must be marked with a warning sign and 
repaired or replaced as a high priority. 

e Remove from site all ladders in poor 
condition, damaged or painted. 

e All scaffolding must be inspected on first 
construction and each week thereafter. 
Any scaffold that does not meet acceptable 
standards must be marked with a “do not 
use” sign until faults have been corrected. 


Pressure systems 


What to look for. 

e Pressure vessels out of inspection date. 

e Corroded or damaged pressure 
vessels. 

e Safety devices not functioning or 
not tested. 

e Pressure vessels without a 
manufacturer’s plate. 

e Pressure lines subject to damage or 

unprotected. 

e Jubilee clip type fixings on 
pressure lines. 


What to do. 

e Arrange inspection and certification. 

e Arrange repair or replacement, if badly 
corroded take out of service. 

e Check safety devices regularly (pressure 
relief valves, pressure gauges etc.) 

e If no plate is present, can the vessel be 
identified in the O&M manual. If so, mark 
the pressure vessel and provide details 
nearby. 

e Pressure lines to be moved to a safe 
location and protected as necessary. 

e Jubilee clip type fixings to be replaced 
with correct fixings (may need special 
crimping tool). 


Mobile plant 


What to look for. 

e Keys left in. 

e Plant in poor condition. 

e Plant not needed. 

e Plant used by unauthorised 
people. 

e Passengers riding on plant. 


What to do. 

e Keys of all plant to be kept in a key press 
when not in use. 

e Arrange for repair/maintenance of plant 
in poor condition. 

e Consider relocation of redundant plant. 

e Do not permit unauthorised persons to 
use plant. 

e Do not permit passengers to ride on plant 
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unless correctly seated. 


Machinery 


What to look for. 

e Unguarded moving parts of 
machinery. 

e Machinery that may start 
automatically. 

e Potentially hazardous machinery 
without an emergency stop. 

e Machinery capable of being 

reenergized directly from an 
emergency stop 

e Machinery incapable of being 
isolated and locked off. 


What to do. 
e Provide guards to all moving parts of 
machinery on a risk based priority. 
e Mark machinery with “warning — may 
start 

automatically” as appropriate. 
e Fit emergency stops to potentially 
dangerous machinery that does not already 
have one. 
e Check that resetting the emergency stop 
does not reenergize the equipment 
directly. If it does then place a warning sign 
and arrange for re-wiring. 
e Ensure that machinery can be isolated 
and locked off where necessary for safety 
when carrying out maintenance or repair. 


Deep water or 
sewage 


What to look for. 

e Open tanks or pits without 
barriers. 

e Unguarded lagoons/reservoirs. 

e Missing lifebuoys and lifebuoy 
ropes. 

e No warning signs. 

e Access to the public. 


What to do. 

e Place barriers around all high risk tanks 
and pits. 

e Place warning signs on each side of 
lagoons “warning — deep water” 

e Ensure lifebuoys are replaced, with a 10 
m cord attached to each one. 

e Place warning signs on all other tanks and 
pits where there is a risk of drowning. 

e Prevent public access to reservoirs, 
lagoons or similar. If this is not practical 
ensure that adequate signage is placed. 


Site security 


What to look for. 


e Site fencing damaged or missing Site 


gates damaged or missing. 

e Locks missing or inoperative. 

e Sites not security signed. 

e Inadequate fencing i.e. not high 
enough. 

e Boundary walls in poor repair 


What to do. 

e Schedule replacement/repair of fencing 
on a priority basis. 

e Replace or repair gates. 

e Ensure locks are present, functioning and 
in use when the site is left. 

e Place security signs on all gates and on 
fences and boundary walls where 
appropriate. 

e Review security need and replace 
inadequate fencing. 

e Repair boundary walls. 


Cutting and 
grinding 
equipment 


What to look for. 

e Cutting disk machines without 
guards or with unsecured guards. 
e Damaged disks 

e Badly stored disks. 

e Grind wheels with missing or 
badly set guards. 

e Worn grind wheels. 


What to do. 

e Replace/secure guards or take out of 
service until 

guards can be replaced. 

e Dispose of any damaged disks. 

e Check storage of disks (vertical on pegs) 
e Replace/secure guards or take out of 
service until 

guards can be replaced. 

e Worn grinding wheels to be replaced or 
dressed. 


Manual handling 
hazards 


What to look for. 

e Heavy covers. 

e Heavy chemical drums. 

e Valves etc. in difficult or awkward 


What to do. 

e Provide simple lifting equipment to aid 
handling. 

e Chemical drums and similar to be carried 


14 


locations. 


on pallets. 

e Review the position of valves etc. and 
change them 

during maintenance. 


Hot surfaces 


What to look for. 

e Compressors with exposed 
pistons. 

e Air lines leading from 
compressors to pressure vessels. 
e Combustion engines with 
exposed exhausts. 

e High temperature lights in 
accessible places. 


What to do. 

e Compressor pistons should be shielded 
from contact 

using steel mesh or similar. 

e Air lines should be placed out of reach or 
be 

otherwise shielded from contact. 

e All engine exhausts should be shielded 
from contact 

by mesh guards or by being out of reach. 
e High temperature lights (for example 
halogen work 

lights) must be protected with a mesh 
cover 

preventing contact with the lamp itself. 


Lighting 


What to look for. 

e Lamps not functioning. 
e Dirty lamp covers. 

e Inaccessible lights. 

e Inadequate lighting. 


What to do. 

e Replace the lamps if accessible. 

e Arrange a cleaning programme for 
accessible lamp 

covers. 

e Consider moving inaccessible lamps to an 
accessible 

point. 

e Provide additional lighting at an 
accessible level. 


Fragile materials 


What to look for. 
e Roof coverings with skylights and 
asbestos cement roofs 


What to do. 
e Mark the edges of the roof with warning 
signs saying fragile roof. 


Slip, trip or fall on 
the level 


What to look for. 

e Waste materials on or near 
walkways. 

e Pipes, conduits and cables 
crossing walkways. 

e Leaking water, particularly onto 
hard or tiled surfaces. 

e Oil or diesel spills on hard or tiles 
surfaces. 

e Changes in level, slope or surface 


What to do. 

e Remove existing waste material, clean up 
before and after any maintenance or 
operation activity. 

e Where practical, re-route pipes, conduits 
and cables away from walkways. 
Alternatively, provide steps and platforms 
over the trip hazard. 

e Identify leaks for repair and schedule the 
work on a priority basis. 

e Clean up oil and diesel spills immediately 
using an absorbent material, or use sand if 
nothing else is available. 

e Identify and mark changes in level or 
slope that represent a trip hazard. 


Noise 


What to look for. 

e Any environment where you 
cannot hold a conversation at 2 
metres. Of which the following 

are examples: 

- Areas where very loud noises 
occur regularly. 

- Generator rooms or containers. 

- Rooms where a loud single note is 


What to do. 

e Check for damaged or defective 
equipment making more noise than it 
should and schedule it for 
repair/maintenance. 

Provide warning signs and hearing 
protection. Where a single note noise is 
produced, select the hearing protection to 
suit the noise. Limit or control entry to high 
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pump halls. 

- Damaged or missing exhaust 
systems from combustion 
engines. 


produced such as blower rooms and noise environments. 


Asbestos Asbestos cement roof or shade. 


Asbestos management plan as per local 


e Damaged or broken asbestos regulations 
cement sheets. (normally in roofs or 
shades) and broken pieces of asbestos 
cement in walkways or roadways. 
Traffic on site What to look for. What to do. 


e Traffic routes causing problems 
with access or delivery. 

e Parking areas not adequate. 

e Dangerous corners. 

e Uneven or damaged roadways. 
e No separation between vehicle 
routes and pedestrian routes. 


e If practical, re-route access and delivery 
routes to reduce or eliminate the 
problems. 

e Review parking needs and provide more 
if necessary. 

e Place sightline mirrors at dangerous 
corners. 

e Repair damaged or uneven roadways. 

e Separate vehicle and pedestrian routes 
with bollards or with painted hatched 
walkways. 


1.8 Training 


It is strongly recommended that the organization develops guidance note for training as the prime working 
document for site owners and line managers. This is based upon Training Needs Assessment process for 
identifying training needs for individual employees and an established database for collation of the 


information and scheduling training. 


It can also be noted that design of courses and delivery of “Train the Trainer” courses, required the initial 
delivery of training be contracted out to a competent qualified person and also training validation is also 
required over a period of time to confirm the appropriateness of the training and the quality of delivery. 
As example regarding the provision of personal protection it is only personal protective equipment such as 
head protection, foot protection and reflective vests do not require training. The following table lists 


equipment with its essential training requirements 


Description 


Essential training 


Half face respirator — provides protection against dust 
and 

limited protection against 

chemicals 


Selection of correct filter 

Face fit test to ensure no leaks 

Maintenance and cleaning of the respirator 
Changing filters and filter life Emergency responses 


Full face respirator 
Protection as above but additional eye protection 


As above plus cleaning the view piece. 


Harness — can provide fall protection and can also be 
used 
during vertical winched access 


Correct fit and adjustment of harness 
Selection of correct anchor 

point for multi-point harnesses 

Maximum duration of use in suspension mode 


Tripod — used to provide safe entry and exit into 
shafts, 

chambers, wet wells, manholes, etc. 

Where no fixed access can be provided 


Setting up the tripod 

Ground conditions and making safe 

Adjusting the legs for uneven ground 
Anchoring the legs when necessary 

Physical checks of lifting and attachment points 


Winch — used for lowering and lifting persons into 
restricted access sites and used for emergency 
evacuation of injured persons from confined 


spaces 


Attachment to tripod 

Checking the cable and cable attachment to drum 
Operation of the tripod under load 

Physical checks of lifting and attachment points 
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Safety line — used to prevent or limit falls during 
access to 

confined spaces or when working over openings into 
tanks etc. 


Tying off the safety line (use of standard knots) 
Selection of anchor points 

Correct position of snatch lock 

Operation of the snatch lock during a descent 
Difference between fall prevention and fall arrest 


Fall arrester- can limit a fall to less than 2m, can also 
be used to restrict the likelihood of a fall 


When to use a fall arrestor 
How to secure it 
What happens to it after use 


Gas detector — used to identify hazardous 
atmospheres 


Turning it on and checking function, including sensors, 
self 

calibration, battery life 

Understanding the readings and hazard levels 

Peak and average readings and their meanings. 


Example of Occupational Health and Safety Training Guidance Note 


The below is example which needs to be developed for site specific and organization requirements. This gives 
an outline indication only of the type of requirements for an organisation to identify a training need, and to 
assign a priority to it for operations and maintenance personnel 


Training subject 


Duration and Essential Content 


Target group 


Health & Safety 
Essentials 


% day 
Company safety culture 


Commitment to safety 


Common hazards 


H&S Policy statement and meaning 


Company and individual responsibilities 
H&S Handbook contents 


Accident/incident reporting 


All personnel 


Confined spaces 
Drowning. 


ventilation, access. 


Practical exercises. 


2 days initial, 1 day refresher. 
Major hazards — O2, H2S, CH4, Heat, 


Risk reduction — isolation, lock-off, 


Equipment — gas detector, tripod, winch, 
harness, safety line, escape BA, (full BA). 
Team work — size of team, responsibilities. 
Emergencies — rescue and recovery. 


All operations personnel 


Chlorine 
operations 
risk. 


equipment, 
weighing contents. 


securing 
drums. 


detectors, 
alarm systems. 


operation. 


chemical suit. 


2 days initial, 1 day refresher. 
Major hazards — effects of chlorine, off-site 


Drum and cylinder handling — lifting 


Secure storage — securing cylinders, 


Leak detection — ammonia bottles, 


Chlorguard system — connection and 
Safe operations — full BA, half face masks, 


Emergency control — dealing with leaks, 


Applicable only in the case of water 
and waste water operation - in this 
case for all operations and 
maintenance personnel 

dealing with chlorine ( see note 
below ) 
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chlorine emergency repair kit. 


Lifting operations 


1 day initial, 1 day refresher 

Checking equipment — safe working load, 
equipment condition, slings, shackles etc. 
Lifting pumps — connections to pumps, 
isolation 

and lock-off, lifting procedure, safe set-up, 
cleaning pumps for inspection. 

Lifting other equipment — slinging, centre of 
gravity, securing slings, tag lines and 
control, 

hand signals 


Maintenance and 
operations personnel 
carrying out lifting 
operations 


Work equipment 


% day initial, 4% day refresher 

Work equipment general hazards — 
electrical, 

cutting equipment, fire hazards, guards, 
safe 

operation. 

Fault finding and reporting — daily checks, 
taking 

out of service etc. 

Safe use — location, other persons, noise, 
public 

etc. 


Operations and 
maintenance personnel 


Manual Handling 


1 day 

Human body — capabilities, strength, 
weaknesses, age effects 

Handling loads — general lifting, pushing, 
pulling 

Inspection chamber covers — problems and 
solutions, lifting techniques, two person 
lifting, 

key length 


Operations and 
maintenance personnel 


Fire fighting 


% day 

Causes of fire — air, ignition, fuel, electrical. 
Hazards from fire — burns, asphyxiation, 
property damage. 

Types of fire extinguishers — water, CO2, 
powder, foam, checks to be carried out. 
Use of extinguishers - practical 


Operations and 
maintenance personnel + 
10% of office staff. 


Emergency first aid 


% day 

Accidents — types and seriousness 
Dealing with an injured person 
Responses 

Breathing 

Airway 

Circulation 

Resuscitation 


Operations and 
maintenance personnel + 
10% of office staff. 


Permit writing 


% day 

Types of permit — permit to enter, permit to 
work, permit to dig. 

Responsibilities of permit writer 

Practical exercises 


Selected operations and 
maintenance personnel 


Electrical safety 


2 days 
Basic electrical safety 
Isolation procedures 


Electricians 
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Locking off procedures 
Safety checks 

Test equipment 

Sanction to test 

Permit and permit writing 
Working lock-off 


Construction 
safety 


2 days 

Excavations 
Scaffolding and ladders 
cranes 

plant and machinery 
traffic management 
concreting 

site wiring 

power tools 

cutting and welding 
operability of finished work 
stores management 
waste materials 
welfare facilities 


Construction 
supervisors/foremen 


COSHH 


% day 

Handling chemicals 

Storage of chemicals 
Protective clothing 
Managing incidents and spills 
Effects of chemicals 

First aid for chemicals 


Laboratory staff and 
personnel handling 
chemicals 


Examples of Contents from Safety Manuals — Chlorine Safety 


Table of contents 


e Preface 

e Objective 

e Responsibilities 

e Natural & Chemical Features 

e Synonyms 

e Classification 

e Usage Of Chlorine 

e Chlorine Cylinders & Containers 

e Chlorine Hazards 

e Relation Between The Size Of Gas & Liquid 
e Interaction With Water 

e Fire 

e Chemical Interaction 

e Hygienic Effects 

e Provisions Of General Erection & Building 
e Design & Erection 

e Exhaust & Ventilation Fans 

e Gas Anti Leakage System 

e Heating Temperature 

e Electric Systems 

e Fife Fighting Systems 

e Security Measures 

e Components Of Chlorine Dozing Room 
e Preventive Operation Procedures 
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e Preventive Handling Procedures 

e Preventive Procedures To Replace The Containers 
e Emergency Procedures In Case Of Leakage 
e Emergency Procedures In Case Of Fire 
e Area Clearance In Case Of Leakage 

e Leakage Treatment Tools 

e Emergency Tools 

e Security Containers 

e Personal Protection Tools 

e Eye Protection 

e Skin Protection 

e Respiratory System Protection 

e Personal Protection From Chlorine Gas 
e First Aid 

e Chlorine Inhale 

e Chlorine In Contact With The Skin 

e Chlorine In Contact With The Eye 

e Training 

e Appendices 

e Official Rules 

e References 


Examples of Contents from Safe Operation of Fork Lifts 


Table of contents 


Chapter One : Definitions 

e Types Of Forklifts 

e Components Of Fork Lifts 

e Gauges 

e Control Systems 

e Data Board 

e Types Of Wheels 

e Lifting System 

Chapter Two : Physical Work Of Fork Lift 
e Direction By Rear Wheels 

e Center Of Load Gravity 

e Capacity 

e Load Equation ( Inch — Pound) 

e Load Center 

Chapter Three : Fork Lift Operation 
e Speed 

e Circulation 

e Eight Inches Rule 

e In Case Of Vision Hide 

e Be Sure Of Upper Obstacles 

e Lose Chains 

e Un Fixed Loads 

e Wide & Long Loads 

e Operation At Slopes 

e Operation At Rough Surfaces 

e Elevators 

e Loading Bases 

e Fork Lift Parking 

Chapter Four : Safety In Fork Lift Operation 
e Dangerous Parts At The Fork Lift 
e Right Sitting Position Of The Operator 
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e Fall Down 

e Cross Roads 

e Standing Under The Raised Forks 
e Persons Transportation 

e Lifting Persons 

e Allowing Others To Operate The Fork Lift 
e Safety Measures 

e Seat Belt 

e Horn 

e Reverse Horn 

e Turn Flashers 

e General Safety Rules 

Chapter Five : Maintenance 

e Check Up The Safety Equipment 
e Check Up The Steering Unit 

e Check Up The Brakes 

e Check Up The Hydraulic System 
e Check Up The Wheels & Tires 

e Check Up The Mileage 

e Leakages 

e General Check Ups 

e Daily Check Ups 

e Daily Report 

Chapter Six : Fueling 

e Supply Fuel 

e Charge Batteries 

e Change Batteries 


Examples of Contents from Industrial Security Training Programme 


Table of contents 

e Preface 

e General Principles 

e Schedule Of Training Programs 

e Candidate Forms 

e First Aid 

e Vocational Protection Principles 

e Personal Protection Tools 

e Dealing With Poisonous Gases And Dangerous Chemicals 
e Fires And Protection Principles 

e Industrial Security Principles 

e Safety Measures In Using Fork Lifts 

e Traffic Guidance At The Job Sites 

e Outline of Safety Measures In the site 

e Emergency Plans And Crisis Administration 

e Higher Administration Of Safety & Security 

e Consultants & Contractors Safety At The Projects 
e Training Locations 
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Annex : Health, Safety & Environment (HSE) Management System Framework 


There is a wide pleuthoria of information available on developing HSE Management systems, in line with 
recognised international standards. Due to this reason we have not delved into this issue in this book and only 
give the outline of typical framework of system. 

This would also be in line with the quality process for continual improvements 


CONTINUAL 
IMPROVEMENT 


1 Example of Safety Management System 


1. HSE policy 


System Risk 1 Risk 2 


m~ Planning for HIRA & control 


m Legal requirements 


m Objectives 


— OH&S management programme(s) — Strat Plan 


m~ Structure and responsibility 


m Training, awareness and competence 


m Consultation and communication 


m Documentation 


m Document and data control 


m Operational control 


— Emergency preparedness and response 


m~ Performance measurement and monitoring 


m Investigation, inspections and corrective action 


m Records and records management 


HHH 


— Audit 
2. Planning for hazard identification & risk assessment (HIRA) & control: 
2.1 Integrated enterprise-wide risk management system 


e Catastrophic risk management (headline risks) — standards/procedures/controls 
requiring monitoring 
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2.2 Action management (link with hazard register) 


2.3 Risk management - qualitative and quantitative techniques: 
JSA (Job Safety Analysis) — to help develop standard operating 
procedure 
FTA (Fault Tree Analysis) — detailed analysis of contributors to major 


unwanted events, using 
quantitative risk analysis methods 
ETA (Event Tree Analysis) — detailed analysis of the development of 
major unwanted events, using 
quantitative methods 


HAZOP (Hazard and Operability Study) — systematic identification of 
hazards in process plant design 

SCHIRP (Systematic, Comprehensive Hazard Identification & Risk 
Profiling) - baseline 

FMECA (Failure Modes, Effects & Criticality Analysis) — general to detailed 
analysis of hardware component reliability risks 

CTA (Critical Task Analysis) — to help develop standard operating 
procedures 

SWIFT (Structured What If Technique) 


2.4 Risk & hazard register: 
= Pre-emptive (e.g. projects, changes) 
= Baseline 
= Issue-based (e.g. post event or one requiring quantitative technique) 
= Continuous (e.g. inspections, observations etc) 
(work area, occupation & activity based) 


2.5 Hazard management standards / fatal risk control protocols / major hazard installations 
2.6 Workplace risk ratings (based on inspections & audits — linked with hazard register) 
2.7 Hazard & near-hit reporting — hazard of the month 


Legal requirements: 


e = Safety regulations 
e Corporate legal advice and from Industrial Security & Government Affairs 


Objectives: 
Targets & objectives — defined on scorecard & in business / operating plan 
Safety management program: 


5.1 HSE strategic, business & operating plans 
5.2 Behavior & Mindset Modification Processes: 
e Critical behavior observations 
e Visible, felt leadership 
e Cardinal / golden safety rules (zero tolerance) 
e Recognition & reinforcement system e.g. scratchies / safety suggestions, focus on 
positive, safe behavior 


5.3 Contractor system (including sub-contractors) — includes 3" party equipment safety 
5.4 Equipment selection & certification 
5.5 National insurance requirements 


5.6 Off-the-job safety 
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Structure & responsibility: 


6.1 Leadership structure & accountability 
6.2 H&S management committee 
6.3 Accountabilities defined: 


e Board / President/CEO 

e Vice President: Planning & Business Development 

e = Plant Managers 

e HSE Director 

e HSE department staff 

e H&S representatives, rep. committee chairman & committee members 
e Superintendents / supervisors 

e General employees 

e Contractors / sub-contractors 

e Visitors 


Training, awareness & competence: 


7.1 Competency-based training, fit-for-purpose 
TOPICS: 
7.2 Induction: 

e Visitors 


e Contractors, consultants 
e General area orientation & local area orientation 
e Employees (booklet to be handed out as well) 
7.3 Ergonomics — work with Original Equipment Manufacturers (OEM) 
e Reduce back pain in driver & machine operators 
e Reduce repetitive strain injury, musculoskeletal injury (man-machine interface) / 
equipment design, safe method of work 
e Materials / manual handling 


7.3 Hazard, risk management & behavior / mindset processes 

7.4 Specialist training of H&S staff and contractor management 

7.5 Employee recruitment, selection, competency & training — screening & verifying stated skills 
& past history 

7.6 Buddy system — mentorship — old hands mentor new hands 

7.7 Awareness: 


e Hazard of the month 
e Communication of industry hazard alerts & incidents 
e Company specific site safety alerts / notices 
e = Internal / international / HCIS 
e = Safety publications 
e Safety incentives 
e Safety promotion & campaigns 
e HSE employee awards program — recognizing excellence — issued by President/Vice 
President: Planning & Business Development 
e Toolbox early (pre-shift) meetings 
e Internet information reference sources: 
www.myosh.com (Safety solutions site) 
www.cdc.gov/niosh/ (National Institute for Occupational Safety & Health — 
Centers for Disease Control & 
Prevention) 
www.bsi-global.com (British Standards Institute - OHSAS 18001 System 
Standard) 
www.who.int (World Health Organization) 
Consultation & communication: 
8.1 Crew & group safety & toolbox meetings (with action management) 
8.2 Sector and national associations: 
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10. 


11. 


8.3 Exchange leading / best practice within industry, sharing & learning between the 
organisation & other companies 


8.4 HSE quarterly workshops / seminars for leadership team 
Documentation 
9.1 System to reviewed periodically, update where necessary 


9.2 Reporting: 
e Internal / corporate 
e Insurer — national requirements / broker 


9.3 Hazardous materials management — includes Material Safety Data Sheets (MSDS) 
9.4 Registers: 

e Hoists 

e Wire ropes 

e Chains 


e Fire extinguishers 
e Breathing apparatus 
e Height rescue equipment 
e Training records 
e First aid equipment 
Document & data control 
Electronic business management system (EBMS) — Document management, or via intranet 
Operational control 
11.1 Purchasing — safety specifications — products 
11.2 Tagging, lock-out & (energy isolation) 
11.3 Safety cones & signs, notices & barricades 
11.4 Underground: 
e Mobile equipment 
e Fixed plant & machine guarding 
e Cranes & lifting equipment 
e = Scaffolding 
e Working at height (fall prevention) 
e Unsupported ground (underground & surface ground control) 
e  Unventilated areas, confined space & hot work 
e Remote loading 
e Conveyors 
e Boilers / pressure vessels system 
e Dust suppression 
e Barricades, notices & signage 
e Tag board 
e Gas detectors 
11.4 PPE & clothing, including safety harnesses / other fall arrest devices 
11.5 Vehicles & traffic safety 
11.5 Workshop safety 
11.6 Equipment license register 
11.7 Pre-use inspections 
11.8 Access control 
11.9 Visitor controls 
11.10 Underground & surface fire prevention 
11.11 Chemical / hazardous substances management 
11.12 Change management 
11.13 Standards — e.g. electrical testing 
11.14 Safe work procedures — for safe systems of work 
11.15 Standard operating procedures 
11.16 Job safety analyses & pre-emptive risk assessment - forms part of change management — 
technical, HR, emergency response, procedural, management & operational nature 
11.17 Task analysis forms 
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12. 


13. 


14. 


15. 


11.18 Machine guarding 
11.19 Permit System: 
= Hot work 
= Dig 
= Access pit mining area 
= Confined space entry 
= Working at heights 
= Electrical safety - high voltage 
=" lonizing radiation 
= Blasting 
= Isolation from stored mechanical energy 
11.20 Emergency preparedness & response: 
e = First aid 
e Site evacuation drills 
e Fire risk plan 
e Crisis management plans / contingency plans, emergency action plan 
communication on crisis 
e Dealing with media / public 
e Plant evacuation siren & PA 
e = Flooding 
e Cyanide 
e Power failure, gas leak 
e Explosive device or bomb threat 
Performance measurement & monitoring 
12.1 Information system for HSE, risk management, document control and action management 
12.2 Statistical analyses, using HSE information system 
12.3 Performance management 
Lagging (trailing) indicators — LTIFR, NLTIFR, AIR, severity ratio, damage incidents etc (contractors + 
employees) 
12.4 Leading (proactive) Indicators — hazards, near-hits, observations, audits, % safe behavior etc 
Investigations, inspections & corrective action 
13.1 Incident/accident reporting & investigation 
13.2 Pre-use checklist - operational 
13.3 Safety inspections 
13.4 Incident reporting, investigation/analysis (using systematic root cause analysis) & 
management 
Records & records management: 
Statistics & scorecard 
Audits 
15.1 Internal audits (with protocols/checklists)— GOSI, regulations, hazardous substances, 


contractor safety management 


16. 


15.2 3" Party System Audits — CAP 
15.3. OHSAS 18001- 3" party audits or internal 
15.4 Insurance brokers 

15.5 Housekeeping 

15.6 Corporate safety audits 

15.7 PPE compliance 

Management review 

e Weekly senior management meetings 
e Weekly site operational review 

e = Internal HSE management review 

e Hazard register review 

e Regulatory compliance review 

e Performance management reviews 

e = Post-accident review 

e H&S management committee 
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2. Example of a Typical Health Management System 
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Wellness, fitness, diet program (lifestyle) 

Pre-placement fitness for duty medicals (employees & contractors) 

On-site primary healthcare (reduce absenteeism, e.g. flu vaccinations) 

Occupational healthcare — periodic medical surveillance & biological monitoring 
Occupational hygiene monitoring 

Emergency medical preparedness & response 

First aid training 

Health regulatory compliance 

Rehabilitation 

Health scorecard: % reduction in people potentially exposed above the OEL / BEI, reduction in 
occupational illness rate 

Off-the-job health 

Occupational hygiene stressor register — H.E.G.s e.g. dust, noise, temperature, chemicals etc 
Identification, evaluation, control & monitoring of workplace health hazards and exposures 
Instrument calibration 

Fatigue (shift work), including comfort 

Employee assistance program — psycho-social services 

Health education & training 

Working in extreme temperatures 

Health risk register 

Smoking policy 

Sanitation & personal hygiene 

International travel health related risks 

Hearing conservation program 

Ergonomics (repetitive trauma resulting in musculoskeletal disorders), noise-induced hearing loss 
Lung disease, vision impairment - drivers, poisoning (absorption, inhalation, digestion) 
Stress & asthma management 

Dermatitis 

Company health & emergency response audits 

Regional healthcare & emergency medical service providers’ assessments 
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3. Typical example of Environment Management System 


1. Commitment & policy 
1.1 HSE policy — environmental stewardship 
1.2 Environmental responsibility included in the terms of reference governing the role 


of the board 
1.3 Code of ethics 
2. Planning: 
2.1 Environmental aspects & impacts (risk assessment): 
e = Aspects identification and register 
e =Impacts identification and register 
e Assessments of environmental impact for license applications — including 
hydro-geological assessments 
e Risk assessment — register and reviews, qualitative and quantitative 
e Contingency plans to address residual risk, reviewed by experts 
e Reviewed by stakeholders 
e Risk assessment completed prior to closure, to identify ongoing liabilities 
e Key aspects to address (within specified timeframes) — CO, / greenhouse, 
ozone depleting substances, suppliers 
e Project management — design, construction & commissioning — input at 
planning stage 
3. Legal & other requirements: 
e General Regulations on the Environment + Rules for Implementation 
e Industry Investment Codes 
e ISO 14001 environmental management standard 
4. Objectives & targets: 
e Site specific 
e internal performance criteria — internal standards where there are no 
government or external standards or where they are not applicable — e.g. 
diesel emissions, contractors 
e Values - minimum impact in day-to-day activities / reduce environmental 
footprint 
5. Environmental management programs: 


5.1 Flora & fauna 


5.2 Cultural heritage (including archaeological) - avoiding disturbance of artifacts of 
significance 

5.3 Visual impact / landscape 

5.4 Water (including conservation & treatment, groundwater, surface water, sediment 


control & in-stream biological monitoring) 
5.5 Air quality: 
— Dust and other emissions 
— Climate change — Kyoto protocol / ozone-depleting substances 
5.6 Waste — rock, non-process waste (e.g. reduce, recycle, reuse)- cleaner production, 
safe disposal of residual wastes & process residues, removal of asbestos / PCBs in 
transformer oil 


5.7 Recycling and re-use — used oil, grease, scrap metal, batteries, paper, cardboard, 
gloves & aluminium cans 

5.8 Contaminated sites management 

5.9 Chemicals management 


5.10 Wastewater management 

5.11 Conservation management — biodiversity, native species propagation and planting, 
endangered species management, wildlife habitat plantings / conservation, weed / 
pest (predator) eradication 

5.12 Energy conservation 

5.13 Vibration / noise 
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5.14 
5.15 
5.16 


5.17 
5.18 
5.19 


5.20 
5.21 


5.22 
5.23 
5.24 


Hydrocarbon management 

Land management plan — future use 

Rehabilitation (through mining life cycle, concurrent reclamation, alternative 
productive land use, returning land to previous or better use, re-contouring) 
Revegetation studies / research 

Bonding / closure plans — provide additional security to stakeholders 


Contractor environmental management (incl. sub-contractors), including suppliers / 


customers - environmentally-focused supplier program 
Hazardous materials management 
Exploration — environmental guidelines 


Spill prevention 
Benchmarking & addressing changing external expectations 
R&D (developing better practices & innovating technologies) - with specialists 


Implementation & operation: 


6.1 


6.2 


6.3 


Structure, accountability and responsibility: 
Resources: 


Management / leaders 
General employees 
HSE department staff 
Training 

Financial 


Training, awareness & competence: 
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Induction, including contractors 

Legal responsibilities 

Regulatory training, include competencies 

HSE dept skills (qualifications) 

General environmental awareness and motivation 

Knowledge and skill assessment 

Integration into business management systems — required for contractors / new 

employees etc 
HSE employee awards program — recognizing excellence — issued by President / VP: 
Planning & Business 

Development 

Internet information reference sources: 
www.un.org/rights (United Nations Universal Declaration of Human Rights) 
www.iucn.org (World Conservation Union) 
www.globalreporting.org (Global Reporting Initiative) 
www.iso.org (International Management System Standards) 
www.standards.com.au (ISO 14001) 
www.cepaa.org (SA 8000 Social Accountability Standard) 
www.unep-wemc.org (United Nations Environment Program) 
www.unglobalcompact.org (United National Global Compact) 
www.wbsd.ch (World Business Council for Sustainable Development) 


Communication, consultation & reporting: 


6.3.1 Stakeholder identification (industry associations, indigenous communities, 


investment community, community 
organizations) 


6.3.2 Stakeholder communication (including our own employees) 
6.3.3 Internal communication regarding operating requirements 
6.3.4 Government organizations: 


29 


6.3.5 Non-government organizations 

6.3.5 Annual public reporting / community report (accessible to public via internet & 
some posted), feedback from 
stakeholders sought prior to publication — comments incorporated 

6.3.6 | Consult communities on environmental consequences of activities — completed at 
licensing phase 

6.3.7 Complaints register — feedback and response 

6.3.8 — Community liaison 


7. Environmental management system documentation: 
Manual 
8. Document control: 


e Environment information system 
e Records 
e Reviewed periodically, updated where necessary 


9. Operational control: 


e Procedures — storage of chemicals, waste disposal 

e Standards 

e Environment management applications (between HSE & Ops) — ensuring 
conformance with internal and external requirements 

e Plant / equipment operation, maintenance & testing 

e License checklists 

e Monitor progress / leading edge / keeping abreast of changes — strategic 
management of changing requirements 


10. Emergency preparedness & response: 


e Emergency response / contingency planning 

e  Impoundment emergency action plans 

e Response drills e.g. hazardous material spill 

e Clean-up & remediation strategies 

e Community involvement in developing & reviewing response plans 


11. Measurement & evaluation: 


11.1 Monitoring & measurement: 
11.1.1 Monitoring standards and procedures 
11.1.2 Monitoring (includes stakeholder involvement): 
Creek / river flow 
Rainfall 
Pit water quality 
Silt pond discharge 
Compliance boreholes 
Surface water quality 
Water storage dam 
Conductivity 
Aquatic biological monitoring 
Phreatic Surface (water table) 
Rehabilitation 
Air discharges: 
= Depositional dust fall 


0 0 0-0 O0 0- 0O 0 :0 0-6 
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12. 


13. 


14. 


15. 


. Total suspended particulates 


= Respirable particulates 

. Meteorological conditions 
fe) Post-closure monitoring programs 
(0) Quarterly monitoring reports 
o Trend analyses / statistics 


Non-conformance and corrective / preventive action: 


L% D 9 E O E © AE E) 


Records: 


Incident reports, notification, procedure and register 
Incident response 

Investigation (using root cause analysis technique) 
Classification system for incidents 

Procedure for non-compliance 


Registers 
Library 
Databases 


Environment system audits: 


Internal & external license audits 

Waste audit 

Insurance audit 

Bond calculation audit 

IS014001 standard audit 

Report in terms of Global Reporting Initiative Sustainability Reporting 
Guidelines 

Company corporate HSE audit 

Encouraging external involvement in monitoring, reviewing & verifying 
environmental performance 

Interviews with external stakeholders (local community, NGOs, regulators, 
media representatives & government officials) 


Review & improvement: 


O 
O 
O 


Management review 
Management system review 
Continual improvement 
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SUSTAINABLE DEVELOPMENT CONSIDERATIONS — LINKS WITH HSE 


Social impact assessments (for new developments & mine closure) 

Human rights — endorse Universal Declaration of Human Rights 

Local community investment — regional economic growth (supply chain 
management) 

Indigenous employment & business support 

Local employment & business support 

Management of heritage sites 

External permitting & permissions 

Government relations 

Media relations 

Indigenous affairs — traditional rights of indigenous peoples, including indigenous 
employment 

SA 8000 standard — social 

Staff & contractor behavior 

Management of culturally significant & religious sites 

Scorecard — community contributions (expressed as % of pre-tax profit), community 
relations plan 

Business ethics & conduct — compliance line, confidential, anonymous reporting 
System for community donations by employees 


32 


SECTION 2 : HAZARD IDENTIFICATION ANALYSIS 


2.1 Introduction 


In this chapter we go through the various phases of Hazard Identification Analysis ( HAZID ) for which the 
objectives are to identify main hazards, to review the effectiveness of selected safety measures and, where 
required, to expand the safety measures in order to achieve a tolerable residual risk. 

By means of the HAZID analysis the primary process, but also non-process, hazards as well as their possible 
escalations can be identified due to the structured manner of the procedure. Employees can be advised of the 
relevant hazards concerning their working area 


HAZID analyses are usually to be revised when considerable modifications, upgrades or re-design of existing 
facilities are carried out or if events like accidents, critical situations or near misses call for this. In this context 
a change, upgrade or re-design is to be considered as essential if process modifications associated with 
consequences for safety or safety related equipment are involved. This also applies for utilities including 
buildings, machinery, equipment etc. that do not necessarily contribute to the primary operating objective but 
which are associated with the process facilities in terms of layout or operation and that are safety relevant. 
Those being in charge of operations and maintenance and those working in the facilities should have the initial 
HAZIDs at the start of the project and then thereafter to go through the formal process for possible changes. In 
principle operators are expected to repeat the analyses at least every few years ( 3 to 5 years as example ) in 
order to maintain the residual risk as low as reasonable practical 


Process Hazard Analysis (PHA) which are a well structured approach, and according to recognised and 
international best practice and standards. These follows specific requirements as example of which : 


° EPSC, IChemE & Chemical Industries Association, 2000, "HAZOP — Guide to Best practice for the 
process and chemical industries". 


° IEC 61882:2001 - Hazard and Operability studies (HAZOP Studies) - Application Guide 
° F.P. Lees, 1996, “Loss Prevention in the Process Industries”, Butterworth-Heinnemann, 2nd edition. 
° Chemical Industries Association (CIA), 1977, "A Guide to Hazard and Operability Studies". 


° AIChE Center for Chemical Process Safety (CCPS), 1992, "Guidelines for Hazard Evaluation 
Procedures", USA, 2nd edition. 


° Wells, G., 1996, "Hazard Identification and Risk Assessment", IChemE, UK. 


° ISO-17776:2000, "Guidelines on tools and techniques for Hazard Identification and Risk Assessment" 
PHA is mandated by regulations in many countries, for example: 

° USA: OSHA Process Safety Management (PSM) programs under 26 CFR 1910.119 

° USA: EPA Risk Management Plan under 40 CFR 68.67 

° European Union: Seveso II Directive 

° UK: Control of Major Accident Hazards (COMAH) 


The above regulations themselves and associated guidelines provide valuable information on best practices for 
PHA. In particular, the US regulations go into considerable detail on what a PHA should contain and how it 
should be conducted. 


The Center for Process Studies (CCPS) of the American Institute of Chemical Engineers (AIChE)has published 
several documents containing guidelines on PHA, including "Guidelines for Hazard Evaluation Procedures" and 
"RevalidatingProcess HazardAnalyses". 


The CCPS has described procedures for12 methods of performing a PHA. The six most commonly used are said 
to be: 


1. What-lf 
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2. Checklist 

3. What-lf/Checklist 

4. Hazard and Operability Study (HAZOP) 

5. Failure Mode and Effects Analysis (FMEA) 
6. Fault Tree Analysis (FTA) 


The OSHA and EPA regulations permit the same six methods as listed above but allow any other functionally 
equivalent method to be used. Combinations of methods may also be used. 


According to AIChE, the range of applicability of the above six methods is as shown in Table. 


The CCPS publications and the OSHA and EPA regulations are perhaps the most useful source of general 
information on PHA. For specific PHA methods, other more detailed standards are sometimes available. 


For HAZOP, an important reference is IEC 61882 "Hazard and operability studies (HAZOP studies). Application 
guide (British Standard)". 


For FMEA, an important standardislEC-60812 "Analysis Techniques for System Reliability - Procedure for 
Failure Mode and Effects Analysis (FMEA)". Useful information is also available in the standards of the 
automotive industry, which uses FMEA extensively; e.g. AIAG's "FMEA" Standard and SAE-J-1739" Potential 
Failure Mode & Effects Analysis in Design". 


For FTA, IEC 61025 "Fault Tree Analysis" is available. 
Numerous books and articles have also been written describing best practices for PHA. 


Table: Applicability of PHA techniques 


Table 1: Applicability of PHA Techniques (ref: AIChE) 
a Checklist What-if What-if/ HAZOP FMEA FTA 
Checklist 

R&D v 
Design v v v 
Pilot Plant Operation v v v v v v 
Detailed Engineering v v v v v v 
Construction/Startup v v v 
Routine Operation v v v v v v 
Modification v v v v v v 
Incident Investigation v v v v 
Decommissioning v v v 


Basically PHAs are structured analysis of the Process Deviations potentially triggering Hazardous scenarios and 
problems in safely operating the plant. The form of PHA most widely utilized in modern industry is HAZOP 
(Hazard and Operability Study), which is by far the most structured and useful form of qualitative Hazard 
Identification for Process. HAZID analysis can be applied as well and example checklists are provided in this 
chapter which also , providing an hazard identification more aimed to events external to the process, and 
entering into process hazards in a less systematic way. 


Application of Reliability Improvement Program are not normally part of the PHA Review, however during PHA 
Review these will need to interface with these parallel activities, and one of the final useful outputs of the 
Review will be the identification of the gaps to be fulfilled for aligning the PHAs to a suitable level sufficient to 
input in systems specifications, design and IPF analysis (e.g. during SIL - Safety Integrity Level assessment and 
verification, although this is obviously excluded from present proposal). 
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2.2 Methodology 


Appendix 1 provides a simplified review of the hazard identification exercise as ‘ high level review ‘ For 
Activities of a review specific for the process or activity this will be developed according to the following plan : 


Phase 1 : Process Hazard Analysis Initiation 


1. Kick-Off Meeting (KoM) : this activity will involve an initial kick-off meeting for the high-level coordination 
and contacts needed to carry out the job. As part of this, the specialists from our project Team will 
interface with the relevant specialists from engineering — operation / maintenance and asset teams and 
they will define jointly the priorities for the PHA Review; 


2. Data Collection: this activity will be developed sequentially with the KoM, exploiting the same business 
trip. It will involve collection of all existing PHAs, and all the applicable reference material from the Project 
Management. to this end, a suitable interface shall be set-up, from both sides, At the end of data 
collection a register of documentation (PHAs and supporting documents) will be prepared and circulated 
for approval. This list of PHAs will represent the agreed scope of work for the initial reviews. 


3. PHAs Reviews (Core Activity): A series of Reviews will be developed by the Project Team to verify the 
compliance as previously described. The Team will comprise, as a minimum, a Senior HAZOP/HAZID and SIL 
Specialist (with experience of Chairmanship, follow-up, reliability verifications), co-teamed as needed by a 
Senior Process Specialist and a Senior Instrument Specialist, available on call as needed. For each existing 
PHA, the necessary verifications will be carried out, by either using appropriate checklists and by 
engineering expertise. Each PHA will be critically examined producing a Review Report, which will state: (1) 
Level of Compliance with Best Practice, (2) Quality of the PHA, (3) identified GAPs and Omissions, (4) further 
recommendations and actions to be taken, and (5) high level Priority Plan for suitable integration to 
acceptable levels. This activity is a Table-Top task and it is expected to be carried out at our premises in 
Italy. Meetings to discuss specific issues can be convened if necessary, and a final review meeting where 
the results of the PHA review are presented and discussed to the O &N M and asset specialists and 
Managers will be convened. 

4. Following completion of all PHAs review, the full list of actions and the priority plans produced will be 
harmonized and consistently collected in an Overall Plan, inclusive of the estimated costs and planning for 
implementation (which can be used to start the subsequent PHASE 2). 


Phase 2 - PHA analysis and gap closure activity approach 


PHA Analyses to be integrated, improved, or carried out from scratch, resulting from the findings of PHASE 1, 
will be offered for in such way to properly answer the NWC needs and expectations. 


The detailed development of the PHAs will be aligned with the international standards and best practice 
previously mentioned (see below section), and it will be essentially carried out as a structured brainstorming, 
thus requiring a Team Work. 


Activities are expected to be carried out for the most part at NWC premises in KSA (although they can be also 
held at our premises in Italy, if more appropriate), as described below. 


The PHA review comprises the following: 


e preparation of the PHA sessions (table-top activity to be carried out at the individual sites); 

e provision of PHA Chairman for the sessions; 

e provision of a suitable PHA recording software for the duration of the sessions (e.g. PHA Works by 
Primatech, or equivalent) 

e provision of a Process Expert for the Project 

e provision of an Instrumentation/technical expert for the Project 

e Reporting in English language for PHA 
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The studies will be carried out on the most updated available sets of P&IDs and C&E Matrixes, plus the other 
additional supporting documentation (PFDs, Plot Plants, etc.). The Role of each Technical Team Member is 
briefly explained in the following: 


e PHA CHAIRMAN: 

He is an experienced, independent technical specialist. He is responsible for dividing the 
P&IDs and the systems into suitable nodes, leading the study with appropriate guidewords, 
establishing the detailed work schedule, ensuring that the correct procedure is followed 
and that notes and results of the study are properly recorded without omissions. He will 
also resolve any conflicts that may arise during the study, ensuring that the team works 
toward a common goal by utilizing all team members expertise, and checking on progress 
of the study. The Chairman is also responsible for issuing the PHA Report, after completion 
of the review. 


e PROCESS AND INSTRUMENTATION EXPERTS: 
They are experienced technical personnel with extensive background in the Process, 
Technical and Instrumentation discipline, and their role is to support and assist the NWC 
Team in the analysis, by adding expertise, coaching the team in their respective fields of 
expertise, and by adding value to the analysis with their knowledge of engineering. 

e O8&M/ ASSETS TECHNICAL GROUP: 
Members of the Technical Group are responsible for providing comments and answers 
based on their knowledge and experience of the plants, for resolving issues emerged 
during the study. General rule is that total number of Team members should not exceed 6- 
8 people to avoid disorganized sessions. The O & M / assets project team should comprise 
as a minimum the following experts: 


- Process Specialist; 
- HSE Specialist; 
- Instrument Specialist; 


- Other discipline experts (mechanical, electrical, maintenance etc.): available on 
call. 


The PHA technique is a systematic analysis that uses a guide word structured approach to identify deviations 
from intended process design. The most commonly applied form of PHA to assess safety of process systems is 
HAZOP, and basically all PHAs of PHASE 2, for being comprehensive, will be structured as a HAZOP. The 
primary goal of PHA is the identification of Process Safety Hazards and Operability Problems. The main type of 
document for the application of the PHA procedure is the Piping and Instrumentation Diagram (P&ID), 
therefore it is fundamental to rely on the most updated issue of the Project P&IDs and to complete the 
appropriate internal reviews prior to the start of the Activities. 

The analysis is based on a number of discrete systems (nodes) in which each P&ID is appropriately divided. In 
this way the team can focus close attention on a single circuit and then produce recommendations for each 
system. 


Each node will be reviewed by examining which deviations for normal operation can lead to undesired 
outcomes, and exploring the details of these outcomes. All applicable deviations will be examined combining 
appropriate guidewords to the relevant process parameters. Standard guidewords, parameters and applicable 
deviations for a continuous process are listed in the below table 


Each deviation will be analyzed identifying the primary potential cause, including, but not limited to: 
e Malfunction of process control systems; 
e =Blockages; 
e Operational Error (e.g. opening wrong valve); 
e Faulty maintenance activities; 


e Failure of power supply, cooling water, instrument air or other utilities. 


36 


For each realistic deviation/cause identified, the session will continue analyzing the consequences associated 
to the deviation/cause and assessing whether these consequences can cause a hazard (where the term 
"hazard" is intended from a safety or operational point of view, such as fire, explosion, release of flammable or 
toxic material, off-spec. products, loss of production, etc). 


Where a deviation will be found to be credible and the consequence, examined without considering the 
existing safeguard, will show the potential for a hazard, the Team will consider what mitigating features might 
exist (e.g. relief valves, shutdown systems, alarms, etc) and whether they could be considered sufficient or not, 
depending upon the severity of the expected outcomes. 


All discussion will be recorded on the spreadsheet, and for each node a complete digression of all relevant 
parameters/guidewords and related deviations will be compiled under the Chairman and the Team 
supervision. The complete record of the whole PHA Sessions will be reported in the PHA Report for easy 
reference during the Follow-up process. 


When considered necessary, remedial measures will be required depending on the expected (qualitative) 
likelihood of the event and its consequence; These measures will be recorded in the worksheets in the form of 
recommendations aimed at identifying actions to be subsequently followed-up by the project team. Each 
Recommendation/Action will be identified via a unique reference number. 


Each Node discussed during the meeting will be marked in colour in the Master Copy of the P&IDs, to ensure 
no items is missed and to facilitate the explanations during the sessions. The marked-up P&IDs representing 
the PHA Master Documents will be eventually attached to the Report for easy reference. 


PARAMETERS GUIDEWORDS DEVIATIONS 
more / less / none / reverse / high flow / low flow / no flow 
FLOW other than / reverse flow / loss of 
containment 
PRESSURE more / less / none high pressure / low pressure / 
vacuum 
TEMPERATURE more / less / as well as high temperature / low 
temperature / cryogenic 
LEVEL more / less / none high level / low level / no level 
more / less / reverse / part of / | additional phase / loss of 
as well as / other than phase / change of state / off- 
STATE/ COMPOSITION spec composition / 


contaminants / corrosive 
concentration 


CORROSION/EROSION 


more 


Increase of corrosive 
condition (e.g. contamination, 
intermittent wet/dry 
operation , excessive velocity, 
wet H2S, etc) 


REACTION 


more / as well as / other than 


runaway reaction / side 
reaction / explosion 


UTILITY: power, air, steam, nitrogen, 
cooling water 


No 


loss of ... 


UNSTEADY OPERATION: startup, 
shutdown, maintenance, testing, 
sampling, drainage 


as well as / other than 


difficult ... / hazardous ... 


DOCUMENTATION 


part of / as well as / other than 


incomplete documentation / 
unclear documentation / 
incorrect documentation 
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Table Typical PHA/HAZOP Guidewords/Parameters and Related Deviations for Continuous Processes 


(only applicable Parameters shall be analyzed) 


SELECT NODE 


MOVE ON TO 
NEXT NODE 


> SELECT DEVIATION (e.g. more flow) ALL DEVIATIONS 


MOVE ON TO IDENTIFY ALL CAUSES 
NEXT DEVIATION AND CONSEQUENCES OF DEVIATION 


IS THE SYSTEM 
ADEQUATELY PROTECTED? 


AGREE RECOMMENDATIONS & 
DEFINE WHO IS RESPONSIBLE 
FOLLOW UP | 


Figure - PHA/HAZOP Standard Flow Scheme 


q---4 


The main steps involved in the PHA study process which was discussed above are schematically indicated in 
the flow chart of the above figure and are summarized here below in a step-by-step list: 


selection of a Node which contains the specific section of the plant and definition of Node's 
design intent and process conditions; 


Selection of a relevant Parameter and selection of a Deviation applying a suitable Guide 
Word to the Parameter (the GW, Parameters and Deviation not applicable for the specific 
cases will be normally skipped without further analysis); 


identification by brainstorming of potential and credible Causes associated with the 
deviation and assessment of the possible Consequences associated with each cause (Team 
work); 


identification of the Safeguards included in the design to protect the System (by preventing 
the hazard and/or mitigating the consequences); 


agreement on suitable Recommendation(s) for action if the existing safeguards are 
considered to be inadequate based on the Team judgment. If an immediate solution is 
available and acceptable to the team, the proposed solution is recorded in the Worksheet 
to facilitate the follow-up. Where solutions are unlikely to be found without a more 
detailed technical evaluation, the Chairman will record the problem for a separate later 
assessment. All recommendations shall be appropriately evaluated during the follow-up 
activity, which is NOT part of the PHA; 


repetition of the above procedures until all relevant GWs have been applied to all 
Parameters within each Node of the process system until the complete system within the 
scope has been examined by the Team. 
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A typical format of the Working sheets is shown in the figure below and includes General Information, Node 
description, Parameter, possible deviation (parameter and guide word), deviation causes, consequences, 


existing safeguards, recommendations, responsible party (action owner) and possible comments. The 
appearance of the Worksheet and the Columns can be customized. 
Facility: Test Facility 
Session: (1) 11/01/2007 Revision: (0) 
Node: (1) Description of Node 1 (e.g. Fractionator Column Bottom including pumps, etc) 
Drawings: P&ID XYZ 
P&ID XYW. 
Parameter. Flow 
_ GW DEVIATION =| CAUSES _____ | CONSEQUENCES ___ SAFEGUARDS _|_ RECOMMENDATIONS | BY 
No 1. No Flow from 1.1. Operating Error closing 1.1.1. Damages to P-013A or B/1.1.1.1. Operating Procedures 
Fractionator Bottom |EBV-201 during normal operation (seals leading to potential leak [and Operators Training 
and fire (temperature is above |Programme 
AIT) 
1.1.1.2. Ergonomic design to 
prevent accidental activation 
1.1.1.3. FAL-204 
1.2. Pump P-013A stop 1.2.1. High level in fractionator |1.2.1.1. FAL-204 1. Provide an automatic Start-up of| Action Owner 
bottom potentially sealing-off Spare Pump P-013B/A on low 
the Scrubber from the 1.21.2. LAH-206 pressure at discharge, including 
SV-208A/B/C/D causing the relevant instrumentation 
overpressure 1.2.1.3, Steam Driven stand-by 
Pump P-013B is available 
1.2.2. Coking of the Scrubber (1.22.1, See Above 
Grid leading to potential partial 
plug 
2. No flow back to |2.1. Malfunction of FIC-203 closing |2.1.1. Increase of Temperature |2.1.1.1. FALL-xxx generating 2. Increase Design Temperature of|Action Owner 
fractionator Bottom |FCV-203 in Fractionator Bottom due to [ESD Pumps P-013A/B, Wash Oil 
loss of cooling by E-010 with Strainers F-O08A/B, Steam 
consequent closure of Generator E-010 (tube side) and 
TCV-211 by TIC-211 relevant piping up to 415°C 
Overheating of Wash Oil (operating Temperature of the 
Strainers F-008A/B and Steam liquid coming from the bottom of 
Generator E-010. Coke the Fractionator Grid) 
formation in the bottom of 
Fractionator which will transfer 
to Scrubber Grid 
More 3. More Flowfrom 3.1. Both Pumps P-013A and B 3.1.1. No significant problems 
Fractionator Bottom |running at the same time (e. 
Transmitter failure, local IA failure, 
operator error) 
14. More flow back to |4.1. Malfunction of FIC-203 fully _|4.1.1. Minor process upset with 4.1.1.1. FAL-204 
Figure - PHA/HAZOP Typical Worksheet 
Sessions Organization 
The Work is organized in daily sessions of the approximate duration of 6-7 hours, with short breaks. Typically, 


considering the normal development, the following tasks are scheduled for each PHA session: 


e Firstday: Introductory Part: 


- Formal Opening of the Session, 
- Overview of the Project, 
- Overview of the PHA process; 


e First day to Last day: Perform the PHA (core activity); 


e The HAZOP leader will introduce the study, setting out objectives, the HAZOP process for 


team members, and roles. 


e The design engineer will give a brief description of the operation of the system under 
study, outlining the major issues he has had to address in the design, and the key design 


parameters and conditions. 


e The leader will select a line diagram and mark up the first section of pipework and 
equipment that is to be studied (the node) . He will use the list of guidewords to determine 
possible deviations from the design intent, the likely causes and the consequences. The 
team should consider to what extent alarms, trips and ultimate protections such as the 


design envelope mitigate the effects of the deviation. 


e = If the deviation from the design intent is considered to be serious and any mitigations do 
not ameliorate the situation adequately, the team should consider if there is an obvious 
solution. If this solution cannot be found quickly, the team should define the problem as a 


simple action for resolution outside the study session. 
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e The cause, the consequence, the safeguards (eg protective systems), any proposed actions 
and the person nominated to resolve the problem should be recorded on a worksheet 
(Appendix 2 shows a typical worksheet). 


e Each page of the worksheet should be clearly identified by means of the P&ID number, the 
node number being studied and a continuation number. 


e The review process will proceed from one guideword to the next, iterating steps (c) to (e). 


e It is the task of the team leader to draw from his experience to prompt the team to 
consider all potential hazards appropriate to the area under study, if necessary by him 
making reference to check list 3 . 


e As the examination each line or piece of equipment (the node) is completed, it will be 
colour coded on the P&ID to indicate it has been studied. The study then moves on to the 
next node. Depending upon the complexity of the P+ID’s and the intent of the HAZOP, 
there can be a number of nodes on each P+ID or alternatively a single node could extend 
across several P+ID’s. 


e When each P&ID has been studied, it should be checked for lines or equipment that have 
not been colour coded. Lines that have not been colour coded must be HAZOP’d using the 
procedure defined above unless those parts of the P+ID’s are excluded from the scope of 
the HAZOP. The breakpoints between the excluded scope and the study scope must be 
clearly marked. The parts of a P+ID not HAZOP’d should be labelled accordingly. 


e Last day: Closure of activities: 


- Review main findings of the PHA, 

- The team at the first opportunity will review recorded actions - ideally at the 
next meeting and the agreed actions passed to the client at the earliest stage. 

- Some clients require the HAZOP worksheet is projected on to a screen in the 
meeting whilst it is being created. This method allows consensus over what is 
recorded on the worksheet to be seen to be achieved. However it significantly 
prolongs the review process since time can be spent debating semantic issues 
which distract from consideration of the technical ones the team has been 
assembled to deal with. 

- The most expedient method is for the team leader/secretary to edit the draft 
minutes and provide a hardcopy for review the next day by team members. If 
time and cost are not a consideration and the layout of the HAZOP room 
permits it, then projecting the worksheet onto a screen in the meeting room 
should be considered. 

- If agreed in advance the HAZOP Secretary will provide the client with a copy of 
all the worksheets generated in the meeting and a recommendations summary 
list before the HAZOP team demobilises. Depending upon the recording 
software being used and the needs of the client, copies of the action response 
sheets can be passed on before the team demobilises. Where the client 
requires the generation of action response sheets, the normal arrangement will 
be for these to be submitted whilst the final report is being drafted. 

- Formal Close-out of session. 
A final written report will be prepared. It will typically include some the 
following, depending upon the intent of the HAZOP and the needs of the 
operator: 


e Asummary 

e An introduction 

e The terms of reference and scope 
e The methodology 

e A presentation of the main findings 


A list of recommended actions 


A list of HAZOP attendees, as an appendix 
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e = All worksheets, as an appendix 
e =6 A list of HAZOP drawings, as an appendix 
e A3 sized P+ID’s marked up with HAZOP nodes, as an appendix 


At the end of all PHAs a Recommendations Register will be produced, including all recommendations aroused 
from the PHAs executed in Phase 2. 


FOLLOW-UP and verification activities 


At the end of Phase 2 PHAs, a series of recommendations will be produced and listed for Follow-Up and 
project implementation. The follow-up activity is aimed at documenting the actions taken to address all the 
recommendations. The Person/Dept. identified in the (Action) "by" column of the Worksheets (see below ) is 
responsible for a timely implementation of the Actions arisen from the Review. 


Check List (1) Piping 


Change in Quantity High/Low Flow 
No Flow 
Reverse Flow 
Change in Physical Condition High/Low Pressure 
High/Low Temperature 
Hydrate/Ice/Slush 
Change in Viscosity/Wax 
Froth/Foam/Slugs 
Change in Composition Change in Chemical 
Gomposition/DensityfMW/CO02/H2S 
Changes in Water/Oil Cut 
Debris/Solids/Sludge/Scale 
Cross Contamination 
Too much/too little additive 
Operation Change in Mode of Operation 
Isolation/Maintenance/Purge 
Start-up/Shut-down Testing 
Commissioning 
Maintaining / Modifying 


Effect on Downstream Systems Knock-on 
Communication 
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Check List (2) - Equipment 


Vessels 


Pump 


Heat Exchangers 


Pressure deviations 
Level deviations/bunding 
Temperature deviations 


lsolation/Draining/Flushing 


Loss of Seal/Seal Flush 
Increased Solids 


Temperature deviations 
Pressure deviations 
Contamination 


Vortex Increased Specific Gravity Fouling 
More/Less Mixing Minimum Flow Leakage 
More/Less Layering Others Drainage 
Increased velocity Cavitation Flushing 
Sediment Incorrect NPSH 

Start-up/Shut-down/Purging Purging 

Fouling Dead head 

Capacity 

Dip Legs 

Compressors Filter Vents/Drains 


Pig Launcher/Receiver 


Blowdown Temperature 
Change in Pass out/Pass in (See 
Surge) 

Horse Power Limitation (See 
MW) 

Local Power Failure 

(See Segregated Operation) 
Lutes in Piping 

MW (Molecular Weight) Change 
Seals/Bearings/Rundown/Blowdo 
wn 

Segregated Operation 

(See Local Power Failure) 
Start-up/Shut-down 

Stone Wall 

Surge (See MW) 

Vents/Drains 

Auxiliaries 

Contamination (Seal/Lube) 
Control 

Leak Of f 

Reciprocating 
Loading/Unloading 

Pressure Control 

Pulsation 


Isolation 
Depressurising/Draining 
Purging 
Filling/Pressuring 
Broken Flow 
Regeneration 


Isolation 

Cross Flow/Reverse Flow 
Pressure Rise/Restriction/Choke 
High Back Pressure in Vent Line 
(Choose own valve) 
Flashing/Cooling 

Elevation Change 

Sequence in the Vent/Drain 
header 

Air Ingress 

+ Piping Check List 
Phase Flow 
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Check List (3) - General 


Access 

Area Classification 
Auto Ignition 
Blanketing 
Carcinogen/Toxic Materials 
Compatibility 
Condensation/Heat Loss 
Control 

Corrosion 

Cracking 

Cyclic Loading 
Drainage/Slope of line 
Electric Shock 

Electro Potential 
Emergency Equipment Fixed/Portable 
Erosion 

Failure Mode 

Fire 

Foam 

Frothing 

Hammer 

Impact 

Inerts 

Interlocks 

Lightning 

Metallurgy 
Monitoring 

Noise 

pH 

Pre Commissioning/Construction 
Pulsation 

Electro Magnetic 
Radiation Thermal 
Nuclear 

Rain Water/Sea Water 
Reaction (Chemical) 
Reaction (Mechanical) 
Sampling 

Spading 

Specification Change 
Start/Stop 

Static Electricity 

Short Term Exposure Level/Threshold Limit 
Value 

Syphon 

Time 

Un-revealed fault 
Vacuum 

Vibration 

Vortex 

Winterising 
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Sheet No: 
Date: 


Line No / Tag No 
Description: 


Guideword 


Deviation 


Cause 


Consequence 


Mitigation 


Ref Num 


Recommendation 


Action By 


44 


Appendix 1: Example HAZID Worksheets as high level review 


Section 1: Global issues 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


1.1 Natural and Environmental Hazards 


Climate Extremes 


Climate Extremes 


1.2 Created (Man Made) Hazards 
Security Hazards 


Terrorist Activity 


1.3 Health Hazards 


Temperature 
Wind 

Dust 
Sandstorms 
Temperature 
Wind 

Dust 
Sandstorms 


Lightening 
Earthquakes 
Erosion 


Internal and 
external security 
.malicious threats 


Riots, civil 
disturbance, 
strikes, military 
action, political 
unrest 


Pipeline and associated 
facilities are exposed to 
extremes and may cause 
failure 


Pipeline and associated 
facilities are exposed to 
extremes and may cause 
failure 


Thunderstorms 
None Identified (NI) 
NI 


Malicious damage/sabotage 


Complete system is 
designed for worst 
possible climate 
extremes. 


Complete system is 
designed for worst 
possible climate 
extremes. 


Lighting arrestor 


Complete system is 
designed as per 
standards to 
prevent erosion 


Limited access; 
Alarm in Control 
room if gate is 
opened 


No possibility 
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NI — design as per previous 
and based upon experience 


NI — design as per previous 
and based upon experience 


Evaluate 


Assess requirements, if any 
None 
None 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


1.3.2 


1.3.3 


1.3.4 


1.3.5 


Disease Hazards 


Asphyxiation 
hazards 


Toxic 


Physical 


Mental 


Endemic diseases, 
infection, malarial 
mosquitoes, 
hygiene - personal 
and/or catering, 
contaminated 
water or foodstuff 
Asphyxiating 
atmospheres, 
failure to use 
appropriate PPE, 
vessel entry, 
working in 
confined spaces, 
smoke, exhaust 
Hazardous 
atmosphere, 
asphyxiating 
atmosphere, 
chemicals in use 
Noise, radiation 
(ionising, e.g. 
radioactive scale or 
non-ionising, e.g. 
flares, UV, 
sunlight), 
ergonomics 


Shift patterns 


Personal Health issues 


Same as above 


Same as above 


Same as above 


Stress 


No possibility 


No possibility 


Noise expected to 
rise only during 
venting at the time 
of maintenance 


Unmanned 
operation 
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PPE (Personal Protection 
Equipment) are required to 
be carried essentially 


Ear plugs are required for 
this operations 


None 


Operation manual should 
clearly include the usage of 
portable H2S detector and 
PPE by the personnel. 


None 


Operation and Maintenance 
manual should clearly include 
the usage of ear-plugs by the 
personnel 


None 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


1.3.6 Transport Excessive journeys, Tiring Limited distance; 
extreme weather, Travelling schedule 
quality of roads is flexible 


1.4 Contracting Strategy 


Prevailing influence Stability and Using different standards Rules and HSE rules and regulations Ensure effective 
contractual make tracking of standard procedures should be adhered to implementation 
conditions, difficult and could cause 
contractor problems 
selection 
constraints 


Legislation Governmental All the requirements should 

contracting be fulfilled 

requirements 
External Standards Additional Same as above 

engineering and 

construction 

standards 
External Governmental HSE rules and regulations Ensure effective 
Environmental environmental should be adhered to implementation 
Constraints requirements 


1.5 Hazards Recognition and Management 


Hazard Studies HAZOP, QRA, HSEIA Studies Conduct HAZOP Qra and Implement HAZOP, QRA and 
Environmental etc HSEIA as per Company HSEIA 
studies guidelines 


Project Controls Quality assurance NPCC Quality HSE Quality manual should 
(change control, manual is available be adhered to 
interdepartmental 
involvement and 
interfaces) 


1.6 Competency 
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Guide word Potential Hazards Threats Controls Recommendations 
and effects 


Level of Indigenous Quality of local Maloperation ATHEER have similar NPCC to ensure that local 
Training workforce and set-up existing and workforce will be competent 
contractors competency will be to execute the job as per HSE 


incorporated within regulations to ensure 

corp. policies minimisation of human error 
Training Same as above 
Requirements 


Level of Technology Same as above 


48 


Section 2: Process specific items 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


2. 1 Control Methods/Philosophy 


2.1.1. 


2.1.2 


2.1.3 


2.1.4 


2.1.5 


2.1.6 


2.1.7 


2.1.8 


Manning/operations 


Philosophy 


Operations Concept 


Maintenance 
Philosophy 


Control Philosophy 


Manning Levels 


Emergency 
Response 


Concurrent 
Operations 


Start-up Shutdown 


Effect on design, 
effect on locality 
(Manned, 
unmanned, visited) 
Over simplification 


Plant/train/equipm 
ent item, heavy 
lifting, access, 
override, bypass, 
commonality of 
equipment, 
transport 
Appropriate 
technology, 
(DCS/local panels) 
Accommodation, 
travel, support 
requirements. 
Consistency with 
operations and 
maintenance, etc 
philosophies 
Isolation, ESD 
philosophy, 
blowdown, flaring 
requirements 
Production, 
maintenance 
requirements 
Modular or plant 


Any Automatic operation? 


Only patrolling is 
planned as per 
existing stations 


Well established 
procedures as per 
existing systems 
Preventative 
maintenance 
programme (PMP) 


Same as above 


Back-up systems 


Well established 
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NI 


Ensure Standard Operating 
Procedures (SOP) 


Ensure effective PMP to 
minimise downtime etc. 
Access and egress to be 
unhindered and allow safe 
working (e.g., collision free). 


NI 


Loss of utilities to be 
managed via back up 
support 


SOP to be implemented. 


PMP and permit to work 
systems to be implemented. 


Ensure effective back up 
support and periodic checks 
taken. 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


2.2 Fire bails es Hazards 


2.2.1 


2.2.2 


2.2.3 


Stored Flammables 


Sources of Ignition 


Equipment Layout 


es 


Improper storage, 
operator error 
(release), defect, 
impact, fire 
(mitigation 
measures include: 
substitute non 
flammable, 
minimise and 
separate inventory) 
Electricity, flares, 
sparks, hot 
surfaces 
(mitigation 
measures include: 
identify, remove, 
separate) 
Confinement, 
escalation 
following release of 
explosive or 
flammable fluid 
(operator error, 
defect, impact 
process control 
failure, corrosion), 
module 
layout/proximity, 
orientation of 
equipment, 
predominant wind 
direction 


procedures as per 
existing systems 


NI 


Congestion 


Layout of parallel 
equipment (filters, 
pressure reduction 
and metering) to be 
reviewed with 
regard to jet fire and 
impingement effect. 


Incorporate in QRA 
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QRA issue 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


(mitigation 

measures include: 

reduce degree of 

confinement, 

spacing based on 

consequence 

assessment, 

escalation barriers) 
Fire Protection and Active/passive None specific (NS) other Emergency response 
Response insulation, fire/gas than generic action procedure to be addressed in 

detection, HSEIA 

blowdown/relief 

system philosophy, 

firefighting 

facilities 


Operator Protection Means of escape, NS 
PPE, 
communications, 
emergency 
response, plant 
evacuation 


2.3 Process Hazards 


2.3.1 Inventory Excess hazardous NS NI 
material 
(mitigation 
measures include: 
minimise 
hazardous 
inventory, 
alternate processes 
and utility systems) 


2.3.2 Release of inventory Excessive process Refer to comment QRA aspect QRA issue 
stress, impact under impingement 
(penetration by effect and QRA 


foreign object), 
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Guide word Potential Hazards Threats Controls Recommendations 
and effects 


process control 
failure, structural 
failure, erosion or 
corrosion 
(mitigation 
measures include: 
recognise and 
minimise process 
hazards during 
design, inherently 
safe plant, 
containment and 
recovery measures) 
2.3.3 Over Pressure Offsite sources, NI NS 
process blockage, 
thermal expansion, 
connection of 
process to utility 
systems, chemical 


reaction 
2.3.4 Over/under Atmospheric NI NS 
Temperature conditions, 


blowdown, fire, hot 
surfaces, chemical 
reaction 


2.3.5 Excess/zero Level Overfill storage 
tanks, loss of 
function in 
separation vessels, 
blowby to 
downstream 
vessels 
2.3.6 Wrong Offsite Covered in HAZOP 


Composition/Phase contamination, 
failure of 
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Guide word Potential Hazards Threats Controls Recommendations 
and effects 


separation process, 
build-up of wrong 
phase (sand, 
hydrates, etc), toxic 
substances 


2.4 Operational Hazards 
Rupture of Adjacent Rupture may cause Unsafe situation Refer to comment QRA aspect QRA issue 
pipeline in the hazardous situation under impingement 
corridor effect and QRA 
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Section 3: Site specific items 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


3.1 Effect of the Facility on the Surroundings 


Geographical - 
Infrastructure 


Proximity to 
Population 


Adjacent Land Use 


Proximity to 
Transport Corridors 


Environmental 
Issues 


Social Issues 


Plant location, 
plant layout, 
pipeline routing, 
area minimisation 


Security 


Crop burning, 
airfields, 
accommodation 
camps 

Shipping lanes, air 
routes, roads, etc 
Previous land use, 
vulnerable fauna 
and flora, visual 
impact 

Local population, 
local attitude, 
social/cultural 
areas of 
significance 


3.2.1 Normal Road links, air links, 
Communications water links 

3.2.2 Communications for 
Contingency 
planning 

3.2.3 Supply Support Consumables/spar 


es holding 


Refer to Global 
section 
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NS 


Incorporate within HSEIA 


3.3 Environmental Damage 


Flares, vents, 
fugitive emissions, 
energy efficiency 


Continuous Plant 
Discharges to Air 


Continuous Plant 


Discharges to Water 


Continuous Plant 
Discharges to Soil 


Emergency/upset 
Discharges 


Contaminated 
Ground 


Facility Impact 


Waste Disposal 
Options 
Timing of 
Construction 


3.4 Utility Systems 


3.4.1 
3.4.2 
3.4.3 


3.4.4 
3.4.5 


3.4.6 


Firewater Systems 
Fuel Gas 
Inert Gas 


Diesel Fuel 
Power Supply 


Communication 


Target/legislative 
requirements, 
drainage facilities, 
oil/water 
separation 
Drainage, chemical 
storage 

Flares, vents, 
drainage 

Previous use or 
events 

Area minimisation, 
pipeline routing, 
environmental 
impact assessment 


Seasons, periods of 
environmental 
significance 


Loss of signal 


Loss of information 
in Control room 


NI 
NI 


NI 


Carried as and when 


required in 
controlled manner 


Back-up power 
(UPS) for all signals 


Alarm is provided. 
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To be addressed in HSEIA 


To be addressed in HSEIA 


To be addressed in HSEIA 


To be addressed in HSEIA 


To be addressed in HSEIA 


To be addressed in HSEIA 


NS 


NS 
NS 


NS 
NS — refer to loss of utilities 


None 


Guide word Potential Hazards Threats Controls Recommendations 
and effects 


Bar [ooms ooo 


Inert Gas Use of Nitrogen Maintenance Ensure effective control and Control and SOP 


purging procedure within SOP 
Waste Storage and NS 
Treatment 


NS 


Chemical/fuel 
Storage 


Potable Water 


NS 


Sewerage NS 


3.5 Maintenance Hazards 


Access Refer to Process — Existing 
Requirements Control Methods maintenance 
procedure to be 
followed 
Override Necessity 


Bypasses Required 


Commonality of 
Equipment 


Heavy Lifting 
Requirements 
Transport 


3.6 Construction/ Existing Facilities 


3.6.1 Tie-ins (shutdown All aspects to be NS Ensure hot tapping etc all Management and control 
requirements) within SOP and conducted under controlled 
Concurrent executed under Nothing further conditions. 
Operations strict supervision. 
As above 
3.6.2 Reuse of Material As Above Nothing further 
3.6.3 Common Equipment | As Above Nothing further 
Capacity 
3.6.4 Interface - As above Nothing further 


Shutdown/blowdow 
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Guide word Potential Hazards Threats Controls Recommendations 
and effects 


a 

Skid Dimensions As above Nothing further 
(weight 

handling/equipment 

(congestion) 

Soil Contamination As above Nothing further 
(existing facilities) 

Mobilisation/ As above Nothing further 
Demobilisation 


3.7 Contingency 


3.7.1 Geographical Plant location, NS 
Infrastructure plant layout 


3.8 Planning 


Recovery Measures Medical support, NS 
firefighting 
support, spill 
leak/clean-up 
support, 
security/military 
support, 
evacuation 
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SECTION 3 : CRITICAL ASSET IDENTIFICATION 


3.1 Introduction 


The approach to the AIMS ( asset integrity management systems ) which is to be discussed in the next chapter will 
be explained as involve several technical, operational and organizational issues: 
e Checking the identified integrity risks and if necessary update them (revision and comparison with equipment 
supplier standards and business expectations . 
e Assessing the potential impact of loss of integrity and malfunctions on the business, people and the 
environment. 
e Determine appropriate strategies for the integrity risk management (fit-for-service, residual life etc.). 
e Establishing and implementing the policies, processes and procedures appropriate for the asset management. 
e Revise and update Key Performance Targets (KPTs) and Indicators (KPIs) to monitor the effectiveness of 
processes and systems performance 
e Reviewing , revising and updating the implementation of appropriate responsibilities within organization — 
this includes the providing the tool to estimate adequate resources in terms of time, budget, resources and 
information , maintain and ensuring skills (i.e. through specific training) and of course the systems to support 
communication, cooperation and change management. 
e Effectiveness of failure and malfunction investigation 


Although not part of the context of this book the role of the internal auditing to verify how best to optimize the 
asset life cycle can be achieved quite often without major capital expenditure by better planning, improved 
training and clear statement of performance standards in testing and maintenance routines 


Particular issues that may need to be looked at , as general issues are 

° Poor understanding of potential impact of degraded, non-safety-critical plant and utility systems on safety- 
critical elements in the event of accident. 

° The need to strengthen the technical authority in the organization. 

° Ensuring there is no over complication which may blur the understanding of the state of the plant — ie 
complexity of SCADA , categorizing and recording equipment which was overdue for maintenance 
(information delay) 

° Ensuring there are no issues in cross organizational learning processes and mechanisms and lessons learnt , 
continuous improvement process. 


The auditing process, which again , is not covered in this book involves the process of 
e Interviews with operations and maintenance management personnel to understand the processes in place 
and implementation of standards and procedures 
Interviews with contractors and maintenance personnel to verify the competency 
Sampling of equipments records for completeness and compliance with procedures 
Observation of operation and maintenance work in progress for compliance with procedures 


In this chapter we cover the system for critical identification of assets. It is noteworthy to point out that the the 
IIMM (International Infrastructure Management Manual, NAMS Limited, 2011) defines Maintenance as: 

“All actions necessary for retaining an asset as near as practicable to its original condition, but excluding 
rehabilitation or renewal” 

Maintenance does not increase the service potential of the asset or keep it in its original condition, it slows down 
deterioration and delays the time when rehabilitation or renewal is required. It isa mechanism to ensure that 
assets continue to deliver the required level of service. 
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Maintenance requirements and costs change over the life of the asset. They will sometimes be apparent early in 
the life (“cradle” failures) but more typically maintenance needs increase as the asset ages and deteriorates. 
Maintenance needs and priorities also depend on asset criticality, function, geography, environment and operating 
procedures. 

Given the significant costs of maintenance over the asset life cycle and the importance of the service provided, it 
is vital that an approach to maintenance management based on world class practice is fostered within the 
organization. 

Life cycle decision making involves making choices between different mixes of maintenance, rehabilitation and 
renewal activity across an asset portfolio. Typically, maintenance costs are regarded as operational or OPEX, 

with rehabilitation and renewal being replacement capital or CAPEX costs. Maintenance cannot be addressed in 
isolation, it must be linked to the rehabilitation or renewal strategies for the asset. 

In situations where asset renewal is deferred, the condition of an asset will typically deteriorate increasing the 
maintenance need. On the other hand, an asset which is regularly rehabilitated or replaced would be expected to 
have a lower maintenance demand. 


The Anatomy of Asset Management states: “Organizations from a wide range of industries are quoting 20%, 40% 
or even 50% gains in business performance, while simultaneously controlling costs, risks and long term 
capability.”( reference 1) 

Chris Lloyd at al (including Australia’s Dr Penny Burns, publisher of the AMQI ( reference 2) writes: “Economic and 
natural resources are finite, unlike the demands made on them. Organizations seeking to make best use of limited 
resources have hard choices to make. Choices which concern the reliability and availability of physical assets are 
particularly difficult.”( reference 3 ) Asset efficacy could be added to reliability and availability. 

This contemporary thinking highlights the importance of ensuring that assets meet the required standards in 
respect of functionality, operability, durability, reliability, availability, maintainability, safety, risk management, 
effectiveness, and efficiency through the planned lifecycle of the asset. The primary objective is ensuring asset 
contribution to business outcomes continuity as well as stable, effective and efficient service delivery from assets 
to the required standard, founded on optimum asset performance 


The Institute of Asset Management: An Anatomy of Asset Management: Issue 1.0, December 2011 advocates 
that: “Most organizations that are dependent on assets (owners and operators), face growing pressure to reduce 
cost, capital investment and operational budgets!” and poses the following questions: 

- Are future business consequences understood? 

- Is the risk profile associated with the asset portfolio, and how this may change over time, understood? 

- Can planned asset expenditures be justified to external stakeholders? 

- How effectively can project spend be prioritized when facing funding or cash flow constraints? 

- Is the appropriate asset data and information to support AM decision-making easily available?’8 

This contemporary thinking goes on: “As organizations are coming under increasing pressure to deliver more for 
less, it is imperative that these types of questions can be answered. Where these decisions impact on assets, 

asset performance, risk or net value realization, it is the Asset Management communities’ responsibility to 
articulate these implications and the adoption of a holistic Asset Management approach is essential to enable this. 
Organizations that have developed their capabilities in Asset Management to a relatively high level of maturity can 
answer these questions with a high degree of confidence. This helps enormously when dealing with shareholders, 
regulators, customers, investors or politicians who do not have the time or the skills to understand the long-term 
implications of the decisions they make.” 

Application of this approach, combined with an understanding of the critical aspects that can significantly impact 
the way asset management is applied in practice, can be achieved through the development of an Asset 
Management Framework. This is then rolled out through the various elements in a controlled, structured and 
prioritized way to ensure limited resources are applied to maximum efficacy. 


World class organizations have a well defined asset management framework that they align their asset 


management practices with. 
This includes a high level alignment between the organization’s mission and vision and its asset management 
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policy and strategies. Maintenance protocols form an integral component of the overall approach to how the 
assets are managed and the maintenance policies, strategies and protocols should be guided by an all- 
encompassing an Asset Management Framework. 

Best practice asset management practices, methodologies, tools, information systems and data structures will be 
used to make decisions that optimize the balance between levels of service, risk and life cycle cost for customers 
and stakeholders. 

Asset management frameworks to be considered with respect to the Asset Maintenance Strategy and Asset 
Maintenance Manual are: 

- PAS 55 

- ISO 5500 Asset Management Standard 

- The Institute of Asset Management (IAM) 

- International Infrastructure Management Manual (IIMM) 


The aim of this section is to describe the asset maintenance activities need to be prioritized as outage time and 
budget for the maintenance work that needs to be carried out are often limited. 

With a finite quantum of time, resource and funding availability, it is critical for an organization to have a 
systematic, transparent and consistent process for identifying maintenance type and prioritizing maintenance 
activity. This framework is required for an organization to documents the rules, assumptions and logic to be used 
in selecting suitable maintenance types, and provides an organization’s asset team a framework for the decision 
making process. This will assist also the organization to maximise the return on investment and minimise the risk 
under the constraints of time and budget. 

In order to implement an optimized and prioritized maintenance regime, asset criticality and asset failure risks 
need to be assessed. This section describes the steps to be undertaken in carrying out risk and criticality 
assessment. 


Regular gap analyses of appropriate and current practices of an organization or site’s asset management strategy 
will help drive the ongoing identification of improvement actions. It is critical to evaluate and prioritize 
improvement actions in order to define the highest priority area that has the greatest impact on asset 
management outcomes. 

The asset management improvement actions should be structured around the following areas: 


- Processes improvements 

- Systems improvements 

- Data improvements 

- Implementation improvements 


Increasing the sophistication of maintenance strategy requires the optimization and balancing of technical levels 
of service, life cycle cost, and the criticality of each asset. Maintenance planning Improvement needs to be 
focussed on ongoing review and adjustment of levels of service and/or maintenance budget to achieve an 
optimized maintenance plan 


An appropriate action plan as a general approach towards identifying problems and solutions is as follows. This is 
an underlying general working concept 
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Problem Solving Deliverables Tools & Tips 

Step 

1. Define the Write a problem statement Select one problem to begin (if there are several, 
problem and consequence of failure explain 


their relationship with the one chosen) 
Include the metric this problem supports 


2. Collect data and 
evidence 


Quantify needs with 
metrics 

Collect & check data 
Establish current state 
Establish future state / goal 


“Walk the process” and document using a process 
map (if 

applicable) 

Gather data to quantify the problem with the “as- 
is” 

process, ensure data accuracy 

Establish a target / improvement goal for project 


3. Identify root 
causes 


Make a list of inputs 
Prioritize the list of inputs 


Ask “why, why, why?” to facilitate brainstorming 
Prioritize root causes by “voting” or by gathering 
data 


4. Identify 
corrective actions 


Generate solutions; either 
existing or new 
Prioritize solutions 


Brainstorm multiple solutions to address each 
cause 

Apply “mistake-proofing” if possible; what can be 
done to 

ensure the process is done correctly each time 
Assess solutions and determine which best 
addresses the 

needs 


5. Implement 
corrective action 


Pilot & implement the 
selected solution(s) 


Test the solution or process change 


6. Review action 


Review the effectiveness of 
the solution(s) 


Validate that solution provides the expected 
benefits; 
identify other changes as needed to meet target 


7. Observation to 
ensure efficiency 


Validate the change 


Gather data to determine if desired performance 
has been 
achieved over time 


8. Document the 
result 


Develop plan to monitor 
process 


Monitor and document outputs & control inputs 


3.2 Life Cycle Assessment Management 


All assets must all be properly and efficiently managed in order for the system as a whole to function as intended, 
delivering continuous services to customers, minimising failure risk, and achieving optimum economic life-cycle 
costs over the life of all assets. This involves many different work activities, including inspections, operational 
activities, planned and unplanned maintenance, rehabilitation and asset replacement over the life of the assets. 
Lifecycle activities include operating, maintaining, repairing, refurbishing, replacing, expanding or improving 


assets, and possibly disposing of them altogether when no longer required. Throughout this cycle, there are three 


key principles that underpin the effective management of public assets: 
e recognition of the economic value of assets, including economic consumption over time and delivering 


long 


e term equity to stakeholders and customers who use the service (i.e. today’s users are not financially 
penalised to benefit tomorrow’s users) 
e targeting economic efficiency using economic and risk-based analysis techniques to optimize asset 


expenditure over the asset’s lifecycle (i.e. the right actions are taken at the right time to maximise value for 


money) 
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e the role of the business as a “steward” of the assets, a long-term role that can be quantified in performance 
terms (i.e. there is a sense of responsibility for the long term well-being or sustainability of the assets). 
Even for commercial organizations, similar principles apply. Long term investment decisions in new and upgraded 
assets may also be driven by mandated standards, future service expectations, the price customers are prepared 
to pay for the service, and the level of risk. 


3.3 Life Cycle Decisions 


Asset management decisions involve selecting the most appropriate actions to take during the life-cycle of the 
asset. For example, do you do nothing, maintain, repair, refurbish, replace or upgrade an asset? Is preventive 
maintenance worthwhile on an asset? 

Typically, there is some uncertainty as to the life an asset will achieve before it “fails”, as shown by the two red 
curves, and the blue bell curve shows an expected distribution of asset lives amongst a group of similar assets. 
Intervention or management tactics will differ depending on the criticality of an asset, which in turn relates to the 
consequences of failure on the service outcome. For example, a sole pump serving an important plant would be 
regarded as critical. An intervention should be targeted earlier in the life-cycle of the asset in managing this risk. 
For assets for which failure is not critical, where there are minimal consequences and the asset can be readily 
repaired or replaced, then a “run-to-failure” strategy would be appropriate. 

In making decisions targeting economic efficiency, the following need to be considered: 

e Expected future stream of operating and maintenance costs over the lifecycle compared to the periodic 
costs of renewal or major treatments, using net present value (NPV) analysis. These represent direct costs 
to the agency and analysis should result in an internal economic efficiency outcome 

e Economic impacts of risk, which can be considered solely internally or at society level. For example, if an 
asset failure results in closure of a facility for an extended period of time there will be an economic impact 
on customers who are adversely affected as well as any direct cost impacts to the agency. Economic 
impacts can be assessed using standard risk management techniques (consequence and likelihood), and 
converted into equivalent financial terms if appropriate. 

The level of acceptable risk to the business as well as its customers also needs to be considered. For example, a 
significant investment to only marginally improve system reliability may be judged not worthwhile. Such 
consideration helps to determine the threshold for intervention. 

In economic analysis of lifecycle costs and risk, different strategies are tested and an optimal solution determined 
which maximizes economic value. High value investments or significant risks should be assessed in this way. 
Routine, lower cost, lower impact decisions typically use simple qualitative risk analysis. 


3.4 Maintenance Philosphy and Regimes 


Maintenance Philosophy is the guiding protocol and determines the application of maintenance practice. Over the 
decades maintenance philosophy has evolved from wholly reactive to various protocols of scheduled 
maintenance including amongst others: 


- Planned Preventative Maintenance (PPM) 
- Reliability Centred Maintenance (RCM) 

- Total Quality Maintenance (TQM) 

- Total Productive Maintenance (TPM) 

- Condition Based Maintenance (CBM) 

- Failure Prediction Modelling 

- Run to failure 


Each of these approaches offers benefits, and the cost of each varies. Due to the potential broad nature of an 


organisation’s asset base and the risk attached to asset failure, both direct and consequential, no single 
maintenance regime will offer the optimum maintenance solution. Leading maintenance practices involve a 
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mixture, or combination of the maintenance regimes mentioned above, tailored to the performance requirement 
of the asset and how this can be met in the most economical fashion. 


Undertaking unplanned maintenance root cause analysis is a structured process to help an organization or a site to 
improve the maintenance strategy by preventing the recurrence of asset failure. The analysis supports asset 
integrity management and reliability centred maintenance. It is a technique to help the asset team identify 
repetitive failures, providing corrective action that can keep undesirable events from occurring in future, reduce 
downtime, reduce cost of maintenance, and increase safety. 


Reference 4 mentioned at the back of this section demonstrates the importance of performing maintenance at the 
optimum level and demonstrating that under-maintaining and over-maintaining can both have unfavourable 
outcomes 


3.5 Maintenance Maturity 


The IIMM includes an asset management maturity scale so organizations can assess their strengths and 
weaknesses within each functional area — such as levels of service, demand, risk management, operations, 
maintenance, capital projects, and financial management. 

This recognizes the need for an organization to decide the level of maturity that is appropriate to the scale, 
complexity and level of risk associated with their infrastructure asset portfolio(s). 


Typically, an organization would conduct a gap analysis to identify its current position, define its desired position, 
and then develop an improvement plan to enable it to progress to the desired level in a structure and prioritized 
manner. 


There are also gap analysis tools that can be used to assess asset management practice and develop 
improvement plans. 

Successful implementation of an Maintenance Strategy and Asset Maintenance Manual will help facilitate an 
organization to move to sophisticated techniques such as RCM and FMECA. 


The quantum and timing of renewals work required depends on several factors, including: 
Nature and age of the assets and their condition deterioration pattern, and whether a condition based failure 
has occurred or is likely to occur. 

e Performance of the assets, where they fail to deliver the required service capacity. The monitoring of 
asset reliability, capacity and efficiency during planned maintenance inspections and operational activity 
can help identify non-performing assets. 

e New asset expansions or other development that may dictate asset upgrade, replacement or removal. 

e = Criticality of the assets in terms of the degree of risk to service provision, including associated financial, 
environmental and social impacts. 

e Economics. The cost of maintenance is deemed to be uneconomic when the annual cost exceeds the 
annualised cost of renewal. Economic factors may also come into consideration in order to co-ordinate 
renewals with other major works. Operating and maintenance histories are used to identify current and 
projected costs. 
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Unlike maintenance, historical renewals costs are not necessarily an indicator of future need other than on a 
broad whole of lifecycle basis. 
As described in the IIMM, renewals programs are typically based on a combination of the following methods: 

e Forward projections of historic expenditure, possibly combined with some level of judgment to make 
broad parametric adjustments. 

e Broad estimates based on replacing the asset at the end of its useful life. 

e Predictive modelling of varying degrees of complexity (from a forward works program based on staff 
judgment through to advanced mathematical techniques that have complex relationships between 
models). 

e Bottom up approaches where needs are identified via observation of defects in the existing assets and 
compiled into work bank of projects. Projects within the work bank are prioritized and then funding 
allocated until the budget is reached. 

Renewal planning requires consideration of a range of different options or lifecycle treatment strategies, 

The three generic strategies shown involve different patterns of repair, refurbishment or 

replacement. Lifecycle economics involves testing the timing and costs of different strategies, and requires good 
data on the costs of general maintenance for each. 


3.6 Performance Measures 


Contemporary asset management requires clearly defined performance measures, aligned with the Mission and 
spanning from the Mission to the operational activities conducted on the assets. 

Performance measures provide information about achievement and trends that may affect the service in the 
future. The general descriptions on the right hand side of this diagram provide a basis for developing a set of 
performance measures at each level. The more important of these measures are typically known as KPIs (Key 
Performance Indicators), as together they provide a view of overall performance. 


Performance measures for customer and technical levels of service (LoS) can be categorized as asset measures, 
financial measures, functional performance measures, and efficiency measures. These measures are typically 
known as KPIs (Key Performance Indicators) and overall performance can be illustrated as a performance 
dashboard or by an aggregation of measures. 

Performance evaluation measures the ability of the organization’s assets to deliver the required level of service. 
Technical level of service is the level at which maintenance achievements are to be assessed. 

A performance measurement system can also be used for comparison and benchmarking purposes 

The table below shows an example of a level of service and associated performance measures for response time to 
a particular failure type or fault. In this case, current performance and future targets are specified reflecting a 
desire or customer expectation for faster response than has occurred to date. It is important to note the cascade 
of information, from a level of service statement which can be communicated to a customer, using performance 
measures to establish a target. 


Level of Service and Performance Measures Example 


Level of Technical Current Target Performance 
Service Performance | Performance 
Statement Measures Year 1 Year 3 Year 5 Year 5 -10 
Failures and | Average “x” & | x=5 x=4 x=4 x=3 x=1 
service “y” hours y=10 y=9 y=8 y=7 y=4 
requests are | to attend & 
responded | restore an 
to promptly | urgent fault 
in service 
respectively 
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Mean time to repair (MTTR) is a basic measure of the maintainability of repairable items. It represents 
the average time required to repair a failed component or device. Expressed mathematically, it is the total 
corrective maintenance time divided by the total number of corrective maintenance actions during a given period 
of time. MTTR are expected to be reported in internal and outsourced contracts where a system whose MTTR is 
24 hours is generally more valuable than for one of 7 days if mean time between failures is equal, because its 
Operational Availability is higher. 


However, in the context of a maintenance contract, it would be important to distinguish whether MTTR is meant 
to be a measure of the mean time between the point at which the failure is first discovered until the point at which 
the equipment returns to operation (usually termed "mean time to recovery"), or only a measure of the elapsed 
time between the point where repairs actually begin until the point at which the equipment returns to operation 
(usually termed "mean time to repair"). For example, a system with a service contract guaranteeing a mean time 
to REPAIR of 24 hours, but with additional part lead times, administrative delays, and technician transportation 
delays adding up to a mean of 6 days, would not be any more attractive than another system with a service 
contract guaranteeing a mean time to RECOVERY of 7 days. 


Mean time between failures (MTBF) is the predicted elapsed time between inherent failures of a system during 
operation. MTBF can be calculated as the arithmetic mean (average) time between failures of a system. The MTBF 
is typically part of a model that assumes the failed system is immediately repaired (mean time to repair, or MTTR), 
as a part of a renewal process. This is in contrast to the mean time to failure (MTTF), which measures average time 
to failures with the modeling assumption that the failed system is not repaired (infinite repair rate). 

The definition of MTBF depends on the definition of what is considered a system failure. For 
complex, repairable systems, failures are considered to be those out of design conditions which place the system 
out of service and into a state for repair. Failures which occur that can be left or maintained in an unrepaired 
condition, and do not place the system out of service, are not considered failures under this definition. In addition, 
units that are taken down for routine scheduled maintenance or inventory control are not considered within the 
definition of failure. 


up time (after repair) down time (unplanned) 
Up —<—$—$S+; > > 
< > 
between failures 
Down — a eae aoe oo 
off one failure one failure one failure 


Time Between Failures = { down time - up time} 


Mean time to recovery (MTTR) is the average time that a device will take to recover from any failure. Examples of 
such devices range from self-resetting fuses (where the MTTR would be very short, probably seconds), up to whole 
systems which have to be repaired or replaced. 

The MTTR would usually be part of a maintenance contract, where the user would pay more for a system MTTR of 
which was 24 hours, than for one of, say, 7 days. This does not mean the supplier is guaranteeing to have the 
system up and running again within 24 hours (or 7 days) of being notified of the failure. It does mean the average 
repair time will tend towards 24 hours (or 7 days). A more useful maintenance contract measure is the maximum 
time to recovery which can be easily measured and the supplier held accountable. 


Equipment Availability — annual hours run of critical equipment / annual critical equipment hours availaibility 
planned * 100 ( refer to criticality assessment ) 


Completion of scheduled maintenance activities = maintenance activities completed / scheduled maintenance 
activities * 100 
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Condition and Performance 


Condition is used to describe the physical state of an asset, while performance describes its ability to deliver the 
required level of service. Most Customer and Technical Levels of Service should have either a condition or 
performance measure associated with them. Condition and performance are monitored at the operational level to 
facilitate maintenance, operational and renewal decisions. 

All measurements of customer and technical levels of service should be recorded and displayed in charts that 
allow valid year-on-year comparisons of historic and projected performance to be made and readily understood 


Intervention Standards and Work Triggers 

Condition and performance should be used along with asset criticality and risk (see Section 9.0) in making 
decisions about when to intervene, typically with a planned maintenance or renewal activity. Figure 7-3 illustrates 
the concept of defining intervention levels in terms of condition. In this diagram, multiple performance measures 
for condition are illustrated. The top line is regarded as the “network” level KPI, an indicator that reflects the 
desired minimum standard of the whole network. Some assets will be in better condition, whilst others will be in 
worse condition. 

The condition scale is typically reported on a 1 (excellent) to 5 (poor, or failed) scale. The curved line illustrates a 
typical condition deterioration profile. 

The bottom line signals the condition at which a repair work trigger occurs, for example a localised pipe repair. 
The middle line defines the average condition expectation for a specific length or node to node asset. The work 
program needs to be developed on an asset by asset basis to achieve this condition objective. 

Detailed Maintenance and renewal / rehabilitation intervention levels would be described in an organisations’ 
Asset Maintenance Manual using set condition ratings. 


EXCELLENT 


Desirable network 
target (KPI) 


CONDITION 


POOR 


Figure — Condition based assessment 

The shape of the condition curve is fundamental in predicting future condition or performance of the asset, and by 
extension the network. 

Progressive capture of condition data, in a robust and consistent manner, will allow an organization to be able to 
associate condition with the asset’s position in the life cycle — the horizontal axis in the diagram above. 


3.7 Asset Criticality and Risk 


Contemporary asset management also requires that asset managers understand and communicate the 
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relationship between performance, risk and life cycle costs at both the portfolio level and the asset level. 

At the portfolio level, this means communicating with the Board, key stakeholders, funders and regulators about 
the overall performance of the asset system, its risk profile and its funding envelope needs, and how these are 
expected to change over the planning period — which should span at least 10 years, preferably 20 years. 

At the asset level, technical staff need to perform analyses of asset criticality, condition, performance, failure risk, 
life cycle cost requirements, and to determine relative priorities for maintenance and capital renewal expenditure 
over the forward life of the asset. This requires the capture, not only of asset condition and performance data, but 
also maintenance cost histories by location at the equipment or component level. 

This need to balance the three elements of risk, service and life cycle cost for the impacts of excessive risk on the 
left hand side (such as service disruptions, health and safety issues) against excessive spend on the right (such as 
waste and inefficiency). 

Best practice asset management means the “right” level of service is being delivered, the costs are efficient, and 
the level of risk is acceptable to customers and stakeholders 


Effective condition deterioration prediction underpins proactive asset management programs and enables whole 
life cycle costs to be optimized using economic analysis. 

Current condition information along with knowledge of future service demand is an input to the prediction of the 
future state of the assets, thus facilitating multi-year financial analysis and long term planning and budget 
allocation. 


Current Risk 


Evaluation 


Level of 
Service 
Refinement 


- Likelihood of 
Failure 

- Criticality of 
Asset 


Condition & 
Performance 
Evaluation 


Level of - Deterioration 
Service Prediction 


- Service Demand 


- Risk 
Projection 
- Whole Life 


Maintenance & Renewal Planning soc 


Figure : Relationship between Condition, Levels of Service and Risk in Optimizing Work programs 


As will be discussed in section 4 on Condition and Performance Evaluation , The physical integrity of assets is 
measured by carrying out condition assessments throughout the asset’s life cycle. The level of assessment depends 
on the type, scale and criticality of the asset to be inspected. Assessment types differ from simple visual 
inspections through detailed engineering testing. 

The knowledge that needs to be acquired includes the likely physical failure mode of the asset and the likely time 


67 


for maintenance, rehabilitation or renewal 

Inspection types, techniques, intervals and the recording process all need to be addressed. 

A condition grading approach enables quantitative data consistency, as well as providing the capability to 
benchmark and compare assets among other units or authorities. For example, current practice for most water 
and wastewater agencies uses a mix of a 1 to 5 grading scale supplemented where appropriate by non destructive 
testing techniques such as CCTV or ultrasonic testing, and plant monitoring techniques such as vibration 
monitoring 


A reliable forecasting methodology is to be used for long-term planning for maintenance and renewal and the 
allocation of OPEX and CAPEX budgets. Clearly, the expected asset condition decay curve affects the optimization 
of asset interventions. 

Degradation patterns for condition and performance are key factors in establishing maintenance programs, 
upgrades, refurbishments and renewal planning for assets. There are several factors affecting the degradation 
process such as age, material, usage and environment exposure. The deterioration progression affects the 
likelihood of failure and interruption to service; and consequently, the risk evaluation of assets. A consistent 
condition inspection process will enable an organisation to determine decay curves for its assets over time. 
Markov Chain statistical modelling can then be performed to address the probabilistic nature of deterioration of 
the assets 


Demand forecasts may affect infrastructure planning in various ways, and the resulting scenarios and options 
need to be evaluated. Forecasting demand also involves risk and uncertainty. Therefore, the risk related to 
demand prediction needs to be assessed and a sensitivity analysis performed to identify the essential factors and 
any variables that could affect the decision making process. 


For prioritizing maintenance activity an organization s asset team needs to define the current condition, criticality 
rating, and risk rating of each asset and how these three factors influence the agreed level of service. 
Maintenance prioritization is evaluated against three criteria, namely: 

- Condition Rating 

- Criticality Factor 

- Asset Risk Factor 

Typically, there is a relationship between condition and the risk of asset failure. 

An approach to using these criteria in a “balancing” approach is described below. 


Example of Weighting of Prioritization Criteria 


Criteria Weighting Description 


Condition Rating 30% This example assumes a condition rating scale of 1 to 6. 

This would depend upon an organization developing a 
condition assessment manual, so the condition 

rating definition would need to be updated using this 
information 


Criticality Factor 20% Each asset for example is classified in terms of three 
categories (3=Critical, 2=Medium, 1=Non-Critical), which 
dictate the importance of the asset to the service. 


Asset Risk Factor 50% After undertaking risk assessment, each asset is classified in 
terms of four risk categories (4=High, 3=Serious, 2=Medium, 
and 1=Low) which dictate the likelihood and consequence of 
failure. 


An overall prioritization index can be determined to evaluate and prioritize maintenance activities, calculated using 
the following equation: 


Condition Rating x 30% + Criticality Factor x 20% + Risk Factor x 50% 
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The table below illustrates this example for assets with a range of rating and factor scores. The overall 
prioritization index defines the priority levels for maintenance action on the assets. 


Table Example of Calculation of Overall Prioritization Index 


Asset Information | Condition and Criticality Combined Risk Overall 
% of Contribution | 30% 20% Condition and 50% Prioritization 
Asset ID Condition Rating | Criticality Factor | CriticalityIndex | Asset Risk Index 
Factor 
Asset 1 5 3 2.1 3 3.6 
Asset 2 2 1 0.8 1 1.3 
Asset 3 3 2 1.3 2 2.3 
Asset 4 1 3 0.9 4 2.9 
Asset 5 4 2 1.6 2 2.6 
Asset 6 5 1 1.7 4 3.7 


Another factor to be considered in prioritizing maintenance is the packaging of tasks with similar requirements. It 
is essential to identify and group maintenance works that have a similar requirement such as isolation points, 
resources, skills, tools, machinery, as this is typically more efficient and cost effective than carrying out similar 
tasks separately. 

Based on the overall priority index result, assets can be “ranked” for the purposes of establishing maintenance 
levels of service, as illustrated in the table below for response times. 


Table Example of Response Times based on Priority Index 


Priority Ranking Priority index range Description Response time 
3 Greater than 3.5 Emergencies Within 4 hours 
2 Between 2.5 and 3.5 Urgent 2 days from issue 
1 Lesser than 2.5 Routine 7 days from issue 


An alternative approach is to select the most critical assets first, then use the risk assessment process to identify 
the priorities for critical assets. This approach is particularly appropriate when funding levels are highly 
constrained, and there is only sufficient available to treat the most important assets. 


An alternative structured evaluation methodology to identify critical equipment whether mechanical, electrical 
civil, or instrumentation, control or automation ( ICA ) can identify which equipment has the most serious 
potential consequences on the buisiness performance . If it fails for example consequences on the buisiness can 
include : 


e Production throughput or equipment facility / utlisation 
e Cost due to lost or reduced production 

e Environmental issues 

e = Safety Issues 

e Reduced customer satisfaction 
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Criticality is determined by integrating the probability and consequence of failure. Factors such as safety, 
environmental impact, risk to production loss, replacement cost and maintenance costs are included and 
consequence of failure can be weighted and used to determine the overall risk ranking 
a simplified assessment of assets covering operations, environment and safety impacts 


. The following table shows 


Severity 
Score Production/ Environment Safety Probability 
operations 
1 Minor or no loss of | No potential No potential for an adverse | Once in 10 years 
output adverse impact on effect on safety 
environment 
2 Minor loss of Minor Possibility of minor injury Once in 1 year 
critical unit < 6 environmental First aid only 
hours impact not 
reportable 
3 Major loss of Significant Possibility of medical | Once in 3 months 
critical units > 6 environmental treatment 
hours issues that could be 
managed 
4 Minor plant shut Major Possibility of long term | Once a month or more 
down < 6 hours environmental hospitilisation 
incident. Reportable 
5 Major plant Catastrophic Possibility of death Once a week or more 
shutdown > 6 environmental 
hours incident. Large 
impact on 
population. External 
communication 


After assessing these four factors the criticality number is scored as follows 
Criticality number = ( Sum of production, environment, safety score ) * probability 


Criticality Number 


Criticality Description 


3-24 Low criticality 
25-44 Medium criticality 
45-75 High criticality 
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APPENDIX 
Maintenance Management Best Practices — Reliability Centered Maintenance ( RCM ) 


Reliability Centred Maintenance (RCM) is an industrial improvement approach focused on identifying and 
establishing the operational, maintenance and capital improvement policies that will manage the risks of 
equipment failure most effectively. RCM is an engineering framework that enables the definition of a complete 
maintenance regime. It regards maintenance as the means to maintain the functions a user may require of 
machinery in a defined operating context. As a discipline it enables machinery stakeholders to monitor, assess, 
predict and generally understand the working of their physical assets. This is embodied in the initial part of the 
RCM process which is to identify the operating context of the machinery and write a Failure Mode Effects and 
Criticality Analysis (FMECA). The second part of the analysis is to apply the RCM logic, which helps determine the 
appropriate maintenance tasks for the identified failure modes in the FMECA. Once the logic is complete for all 
elements in the FMECA, the resulting list of maintenance is packaged, so that the periodicities of the tasks are 
rationalised to be called up in works packages. Lastly, RCM is kept live throughout the in-service life of machinery, 
where the effectiveness of the maintenance is kept under constant review and adjusted in light of experience 
gained. 


RCM can be used to create a cost effective maintenance strategy to address dominant causes of equipment failure. 
It is a systematic approach to defining a routine maintenance programme composed of cost effective tasks that 
preserve important functions. 

The important functions of a piece of equipment to preserve with routine maintenance are identified, their 
dominant failure modes and causes determined and the consequences of failure ascertained. Levels of criticality 
are assigned to the consequences of failure. Some functions are not critical and are left to run to failure, while 
other functions must be preserved at all cost. Maintenance tasks are selected that address the dominant failure 
causes. This process directly addresses maintenance preventable failures. 

Failures caused by unlikely events, non-predictable acts of nature, etc. will usually receive no action provided their 
risk (combination of severity and frequency) is trivial (or at least tolerable). When the risk of such failures is very 
high, RCM encourages (and sometimes mandates) the user to consider changing something which will reduce the 
risk to a tolerable level. 


The result is a maintenance programme that focuses scarce economic resources on those items that would cause 
the most disruption if they were to fail. 

RCM emphasises the use of Predictive Maintenance (PdM) techniques in addition to traditional preventive 
measures and recognises three principal risks from equipment failures, which are: 


e Threats to safety 
e Threats to operations 
e Threats to the maintenance budget 


Modern RCM gives threats to the environment as a separate classification, though most forms manage them in the 
same way as threats to safety. 


RCM offers four principal options among the risk management strategies: 


‘On-condition’ maintenance tasks 

Scheduled restoration or discard maintenance tasks 

Failure-finding maintenance tasks 

One-time changes to the system (changes to hardware design, to operations, 
or to other things) 


RCM also offers specific criteria to use when selecting a risk management strategy for a system that presents a 
specific risk when it fails. Some are technical in nature (can the proposed task detect the condition it needs to 
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detect ( does the equipment actually wear out with use?). Others are goal oriented (is it reasonably likely that the 
proposed task and task frequency will reduce the risk to a tolerable level?). The criteria are often presented in the 
form of a decision logic diagram, though this is not intrinsic to the nature of the process. 


Condition Based Maintenance (CBM) 


Breakdowns in industrial manufacturing systems can have a significant impact on the performance of a business. 
Expensive equipment is made idle, labour is no longer optimised and the ratio of fixed costs to output is negatively 
affected. Rapid repair of ‘down’ equipment is critical to improving performance and the process of addressing 
equipment breakdowns after occurrence is known as Corrective Maintenance. However, when equipment does 
breakdown the problems and cost can go well beyond the period of repair. Often process lines, such as Water 
Treatment Plants, require significant run time after start-up to begin producing water of the correct quality and in 
the required quantities. Because of the impact both during and beyond the immediate equipment downtime, 
facilities have sought to prevent equipment breakdown by a process known as Preventive Maintenance 


With preventive maintenance equipment is routinely inspected and serviced in an effort to prevent breakdowns 
from occurring. Such inspections are based on either calendar periods or equipment process time, and generally 
include recorded data that can be compared over time to determine if negative changes in performance indicate 
an imminent equipment problem. 

The Corrective Maintenance and Preventive Maintenance approaches have been in use for decades, but each have 
some important drawbacks. 


To try to maintain equipment at the right time, condition based maintenance is introduced. CBM is based on using 
real time data to prioritise and optimize maintenance resources. Observing the state of the system is known as 
condition monitoring. Such a system will determine the equipment’s health, and act only when maintenance is 
actually necessary. Developments in recent years have allowed extensive instrumentation of equipment and 
together with better tools for analyzing condition data the maintenance personnel of today are able to decide the 
right time to perform maintenance on equipment. Ideally condition based maintenance will allow maintenance 
personnel to limit their interventions to carrying out only the required tasks at the right time thus minimising spare 
parts costs, system downtime and time spent on maintenance. 


First and most important of all, starting to use CBM is costly partly because it requires improved instrumentation 
of the equipment. Often the cost of sufficient instrumentation can be quite large, especially if this has to be retro- 
fitted to equipment that is already installed. It is therefore important to decide whether the equipment is 
sufficiently important to justify the investment. A result of this is that the first generation of CBM usually focuses 
on vibration in heavy rotating equipment such as large pumps and motors. 

Secondly, introducing CBM invokes a major change in how maintenance is performed, and potentially to the whole 
maintenance organisation in a company. Organisational changes can be difficult to implement. 

Also, the technical side of it is not always as simple as would be hoped. Even if some types of equipment can easily 
be observed by measuring simple values as vibration (displacement or acceleration), temperature or pressure, it is 
not trivial to turn this measured data into actionable knowledge about the health of the equipment. 


Value Potential of CBM 


As operational systems get more expensive to install and maintain, and instrumentation and information systems 
tend to become less expensive and reliable, CBM becomes an important tool for managing plants in an optimal 
manner. Optimising operations will lead to lower production cost and reduced use of resources. Minimising the 
use of resources may be one of the most important differentiators in a future where environmental issues become 
more important by the day. 
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Failure Mode Effects and Critical Analysis ( FMECA ) 
Introduction to FMECA 


FMECA is an Analysis technique that facilitates the identification of potential design problems by examining the 
effects of lower level failures on system operation 


FMECA is important because it: 

e Provides a basis for identifying root failure causes and developing effective corrective actions 
e Identifies reliability/safety critical components 

e Facilitates investigation of design alternatives at all stages of the design 

e Provides a foundation for other maintainability, safety, testability, and logistics analyses 


Simple Example of a FMECA for a flashlight 


Severity of failure 

SEVERITY classifies the degree of injury, property damage, system damage, and service loss that could occur as the 
worst possible consequence of a failure. For a FMECA these are typically graded from | to IV in decreasing severity. 
The standard severity levels, defined in various national standards may be used or equipment specific severities 
may be defined. The latter of these is recommended to ensure applicability to the local environment. 

For the flashlight example above the severity levels would be: 


Part How can it fail? What is the effect? 


Item Failure Mode End Effect 
Bulb Dim light Flashlight output 
No light No flashlight output 
Switch Stuck closed Constant flashlight output 
Stuck open No flashlight output 
Intermittent Flashlight sometimes will not turn on 
Contact Poor contact Flashlight output dim 
No contact No flashlight output 
Intermittent Flashlight sometimes will not turn on 


Severity of failure 


SEVERITY classifies the degree of injury, property damage, system damage, and service loss that could occur as the 
worst possible consequence of a failure. For a FMECA these are typically graded from | to IV in decreasing severity. 
The standard severity levels, defined in various national standards may be used or equipment specific severities 
may be defined. The latter of these is recommended to ensure applicability to the local environment.For the 
flashlight example above the severity levels would be 


Severity | Light stuck in the “on” condition 
Severity Il Light will not turn on 

Severity IIl Degraded operation 

Severity IV No effect 
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Item Failure Mode End Effect Severity 


Bulb Dim light Flashlight output dim lll 
No light No flashlight output ll 
Switch Stuck closed Constant flashlight output l 
Stuck open No flashlight output ll 
Intermittent Flash light sometimes will not turn on Ill 
Contact Poor contact Constant flashlight output ll 
No contact No flashlight output ll 
Intermittent Flash light sometimes will not turn on III 
Battery Low power Flashlight output dim ll 
No power No flashlight output ll 
Criticality 


CRITICALITY is a measure of the frequency of occurrence of an effect and may be 
Based on: 

e qualitative judgment or 

e failure rate data 


Integrated FMECA 

FMECAs are often used by other functions such as Operations, Health & Safety, and Logistics. 

Coordinate your effort with other functions up front 

Integrate as many other tasks into the FMECA as possible that make sense (Operations, Health & Safety, and 
Logistics, etc.) 

Integrating in this way can save considerable cost over carrying out separate assessments and will usually produce 
a better product. 

If possible, use the same analyst to accomplish these tasks for the same piece of hardware. This improves 
consistency of approach and can be a cheaper option. 


FMECA Facts and Tips 

FMECA’s should begin as early as possible 

This allows the analyst to affect the design before it is set unconfirmed. 

If you start early (as you should) expect to have to redoportions of the FMECA as the design is modified. 
FMECA’s take a lot of time to complete. 

FMECA’s require considerable knowledge of system operation necessitating extensive discussions with 
software/hardware Design Engineering and System Engineering, Operations and Maintenance, Health & Safety. 


Examples of Condition Based Maintenance Monitoring for rotating machinery such as pumps and electric 
motors 


The most commonly used method for rotating machines is called vibration analysis. Measurements are taken on machine 
bearing casings with seismic or piezoelectricity transducers to measure the casing vibrations, and on the vast majority of 
critical machines, with ‘eddy-current’ transducers that directly observe the rotating shafts to measure the radial (and axial) 


vibration during normal operation. 


The level of vibration can be compared with historic baseline values to measure the degree of degradation and identify the 
need for intervention in the form of adjustment, calibration or replacement of the whole unit or its some of its constituent 
parts. Interpreting the vibration signal obtained is a complex process that requires specialised training and experience. One 
commonly employed technique is to examine the individual frequencies present in the signal. These frequencies 
correspond to certain mechanical components (for example, the various pieces that make up a ‘rolling-element’ bearing) or 
certain malfunctions (such as shafts out of balance or misaligned). By examining these frequencies and their harmonics, the 


analyst can identify the location and type of problem, and sometimes even the root 
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Cause. For example, high vibration at the frequency corresponding to the speed of rotation is most often due to residual 
imbalance and is corrected by balancing the machine. As another example, a degrading rolling-element bearing will usually 
exhibit increasing vibration signals at specific frequencies as it wears. Special analysis instruments can detect this wear 
weeks or even months before failure, giving ample warning to schedule replacement before a failure which could cause a 
much longer 
Down-time. 


Other techniques 


The most rudimentary form of condition monitoring is visual / audible inspection by experienced operators and maintenance 
engineers. Failure modes such as cracking, leaking, corrosion, abnormal noise levels etc can often be detected by inspection 
before failure is likely. This form of condition 

Monitoring is generally the cheapest and is a vital part of workplace culture to give ownership of the equipment to the people 
that work with it. Consequently, other forms of condition monitoring should generally augment, rather than replace, visual 
inspection. 


Slight temperature variations across a surface can be discovered with regular visual inspection and non-destructive with 
thermograph. Heat is indicative of failing components, especially degrading electrical contacts and terminations. 


Thermograph can also be successfully applied to high-speed bearings, fluid couplings, conveyor rollers, and storage tank 
internal build-up. 


Ultrasound can be used for high and low-speed mechanical applications and for high-pressure fluid situations. Digital 
ultrasonic meters measure high frequency signals from bearings and display the result as a dBuV (decibels per microvolt) 
value. This value is trended over time and used to predict increases in friction, rubbing, impacting, and other bearing defects. 
The dBuV value is also used to predict proper intervals for re-lubrication. Ultrasound monitoring, if done properly, proves out 
to be a great companion technology for vibration analysis. 
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SECTION 4 : ASSET INTEGRITY ASSESSMENT 


1 Introduction 


Asset Integrity Management Systems (AIMS) can be defined as the ability of an asset to perform its required 
function effectively and efficiently whilst protecting health, safety and the environment and the means of ensuring 
that the people, systems, processes and resources that deliver integrity are in place, in use and will perform when 
required over the whole lifecycle of the asset and assist owners and operators safely, effectively, and efficiently 
manage the integrity and realize the maximum potential from their assets during its lifecycle without harm to 
people, environment, or business. 

Asset Register 

An asset register is a business statement showing the assets that are owned. It consists of clearly stated costs of 
assets both direct and incidental, the date of purchase, the suppliers name and address, serial number, internal 
reference number, and depreciation rate and method 

Operations (POMS): 

Any piece of equipment, operated as designed, will normally yield a safe and profitable life. This is addressed in 
the inclusion of Intranet based Plant Operations Manuals (POMS) that focus on the Facilities (Processes and 
Equipment) 

Corrosion Management (CMS) 

Each item of equipment and its system has defined “degradation” management strategies that are enforced by 
the materials of design and the operating conditions. These strategies encompass corrosion monitoring and 
control. 

Corrosion Anomalies — POE (Probability of Exceedence) 

PoE leak and rupture represent anomalies such as Leak and rupture . There is also a definition of Remaining life 
PoE Leak and Remaining life PoE Rupture The Remaining life PoE is normally based on when the individual anomaly 
will reach the user specified PoE confidence limit 

Inspection Management (IMS) 

Inspection and testing is a verification that predicted degradation mechanisms are correct and that less likely 
mechanisms are not increasing risks to an unacceptable level. The inspection process is covered in the Inspection 
Management System 

Maintenance Management System (MMS) 

Maintenance, in the context of AIMS ( asset integrity management program ) , is the routine work on the assets as 
defined by the manufacturers and designers. It is considered separate from corrosion management and 
inspection but as an integrity management process it is fully integrated with those processes 

Pipeline Integrity Management System (PIMS) 

Each phase in the life cycle of the pipeline is treated in PIMS software including design (route selection, material 
selection and corrosion protection), operations (routine pigging, intelligent pigging and condition monitoring) 
removal, planning and performance monitoring, QA/QC, corrosion management, . Additional procedures support 
mothballing, pipeline defect verification etc. The Emergency Pipeline Repair System (EPRS) is a subsystem of PIMS. 
Structural Integrity Management System (SIMS) 

Threats addressed in an SIMS include corrosion and fatigue and implementation plans such as risk based 
inspection methodologies, and protective coatings are also addressed. The Lifting Equipment Management System 
(LEMS) covers lifting equipment. 

Pressure Equipment Management System (PEMS) 

PEMS addresses boilers, pressure vessels, piping, and safety equipment. Requirements for risk based inspection; 
periodic inspection and first in-service inspection are addressed along with repair, mothballing and a summary of 
methods of inspection. PSV inspection and testing requirements are covered in a subsystem of PEMS. Pressure 
equipment such as pressure vessels and piping, including the testing and maintenance of pressure relief valves and 
fuel storage tanks are also included typically in a PEMS. 

Instrumentation, controls & alarms ( ICA ) 

ICA issues are typically encompassed in Reliability Centered Maintenance (RCM) for Electrical, Instrumental and 
Alarms like on line instrumentation , pressure gauges, gas sensors etc 
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In terms of the word ‘ integrity ‘ this can be subcategorized in the following : 


Design Integrity — “Assure design for safe operations” 

Assurance that facilities are designed in accordance with governing standards and meet specified operating 
requirements 

Technical Integrity — “Keep it in” 

Appropriate work processes for Maintenance & inspection systems and data mgt. to keep the operations available 
Operational Integrity — “Keep it Running” 

Appropriate knowledge, experience, manning, competence and decision making data to operate the plant as 
intended throughout its lifecycle 


In the context of condition assessments therefore for an asset it is clear that an organization needs to follow the 
appropriate accounting basis and valuation methodologies for each category or types of assets which has been 
discussed and agreed with the management of organization . Condition data is typically used to determine the 
need and timing of some preventative or remedial action to prevent loss of service or economic loss. 
Understanding asset failure modes and risks leads to better asset management decision-making. Being aware of 
the failure modes allows effort to be focused on understanding the timing and consequences of the failure, and 
the expected expenditure patterns. The methodology use “risk” also helps to prioritize and manage the efforts of 
an asset integrity management program as an effective risk based program results in a reduced level of risk for a 
given level of inspection/management activity. In any operating plant, a relatively large percentage of the risk is 
usually associated with a small percentage of equipment. A Risk Based methodology permits the shift of inspection 
and maintenance resources to provide a higher level of coverage on the high risk items and an appropriate effort 
on lower risk equipment. 


In terms of corrosion and the types of acid attack, pitting corrosion, hydrogen blistering and cracking, sulphide 
stress / corrosion cracking etc etc may occur without proper management when not expected or not initially 
expected; existing mitigation systems might not be effective ( ie paints, overlay, plating, cathodic protection ) and 
also the process may be different from what the original design intent. 

For example in the wastewater services sector H2S is a major contributor to environmental cracking such as 
Sulphide Stress Cracking (SSC). Assessing the integrity and risk rating of components in contact will include a delve 
into the issues such as H2S partial pressure, in situ pH, Concentration of dissolved chloride, presence of elemental 
sulphur or other oxidant ,temperature ,galvanic effects , mechanical stress ,time of exposure to contact ,predictivity 
corrosion, corrosion resistance, field assessments and supplier specific material selection details etc 


An alternative example in the case of pipeline integrity assessments are the parameters of the results of 
conducting close-interval potential survey (CIS) ( ie through survey procedure of correct interruption ratio ) and 
identification of areas for additional survey or exploratory excavations and feedback of detailed surveys ( for 
example involving DC voltage gradient ,pipeline current mapping, electromagnetic survey, soil resistivity surveys, 
drainage , topography and support/ welding reviews , CCTV feedback etc ) and finally the results from any past 
fracture/ leakages and remedial actions 


It is not the purpose of this book to go into such details which need to be looked at on specific basis — It is however 
noteworthy to mention that the general principle of undertaking the details assessment of the integrity and 
condition of assets can drive enterprise value , enable more intelligent decisions about the lifecycle of the asset 
and enable the synergy of information and efforts with the owners, contractors and sub contractors involved in the 
up keep of the assets 

Plants will always have to perform some amount of routine, preventive, predictive or proactive maintenance 
Methods to determine the best cost scenario are still evolving. The questions are: how to predict an assets’ 
condition including integrating with the need for maintenance, and determination of the maintenance schedule 
proactively 
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Assessing the condition of assets need to consider the effectiveness of resources, skills, governance and 
implementation of the O & M procedures and reflect also the level of risk associated with the loss of integrity 
and/or malfunction of the assets and also in line with supplier performance specifications and good industry 
practice 


The benefits of developing a more sophisticate and exact methodology for knowing the current condition and 
performance level of an asset are: 

e Ability to plan for and manage the delivery of the required level of service. 

e Avoidance of premature asset failure, leaving open the option of cost effective renovation. 

e Risk management associated with asset failures, and mitigation of the consequences of failure. 

e Accurate prediction of future expenditure requirements through understanding remaining asset life and 

capital investment needs. 
e Refinement of maintenance and rehabilitation strategies 


2. Financial Assessment of Assets 


From a financial perspective estimates can be made of the Gross Modern Equivalent Asset Value (MEAV) as a 
vehicle for presenting asset condition information. The value is the current cost of replacing the asset concerned 
with one of a similar capability but to modern standards. 


As an accounting base for example reference is made to the IFRS accounting standards dealing with individual 
assets — property, plant and equipment (fixed assets), capital work in progress and inventories 

e IFRS—IAS 16 Property, Plant and Equipment. 

è IFRS—IAS 2 Inventories. 

e IAS 38- Intangibles. 

e IFRS 3 Business Combinations 


The aim of this chapter is not to present a financial lesson in asset valuation as this is under a different subject and 
under a strict financial discipline where issues such as accounting books, statutory , tax and insurance 
requirements prevail. The objectives of this section for example do not cover financial issues which are under the 
realm of financial disciplines and not under the objectives of this book . 


For example for issues such as following then the reader should note that examples as listed below are not 
covered or intended to be mentioned at all in this book : 
e Methods for measurement and recording of costs for capitalization and depreciation. 
e Methods for monitoring budgeted capital expenditure against actual expenditure or financial controls over the 
ownership of assets or their financial safeguarding 
è Compliance with Accounting Standards as per regulatory requirements or assets register ,assets information 
systems and financial statements 


The alternative objective of this section is to provide an overview from process risk perspective for assessing the 
condition of assets and putting a measurable and benchmarkable assessment 


2. Condition and Serviceability Overview 


Best practice use of condition or serviceability assessment is based upon having good knowledge, at an 
appropriate level, of the company’s assets in terms of condition, performance and cost of ownership. This enables 
each component of the asset base to be assessed and categorised by its ability to deliver the service required of it 
at minimum whole-life cost. Such information is used to devise optimum capital maintenance strategies, that 
combined with operational maintenance standards, ensure the best service / cost balance. 
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Asset Condition reflects the physical state of the asset, which may or may not affect its performance. The 
performance of the asset is the ability to provide the required level of service to customers. Generally this can be 
measured in terms of reliability, availability, capacity, and meeting customer demands and needs. All of this is 
critical information for determining the remaining useful life of an asset and more importantly the timing for 
possible intervention steps to bring levels of service, provided by the asset, back to a desired standard 
Other factors can also determine useful life. Factors such as: 

e Technical advances which might make the existing asset obsolete. 

e Changes in community expectations meaning that the asset no longer has the capacity to meet community 

standards. 

e Growth impacts meaning that the asset’s capacity falls short of the new demands. 

e Compliance - changing standards mean the asset becomes non-compliant. 

e Economic life - whereby the costs of continuing to operate the asset warrant it now being replaced. 


It is critical that service organisations have a clear knowledge of the condition of their assets and how they are 
performing. All management decisions regarding maintenance, rehabilitation and renewal revolve around these 
two aspects. 


Not knowing the current condition or performance of an asset may lead to the premature failure, which leaves the 
organisation with only one option - to replace the asset (generally the most expensive option!). The unforeseen 
failure of an asset can have major consequences that constitute a business risk or potential loss to the 
organisation. 


This is the any organization s objective in this area but a number of enabling initiatives must be completed first: 


e Asset inventory database with appropriate hierarchy and detail 

e Works management system to capture maintenance activity on the networks 

e Maintenance management system to capture maintenance activity and asset performance data 
e Financial systems to capture and record costs accurately against assets and activities 


The process of determining serviceability by best practice methods requires them being fully integrated into day- 
to-day operational activities for them to be effective. 


Operational assets: are the assets acquired or used in the income generating of the business — in a water utility 
this applied to items such as water network, wastewater network, water plants, waste water plants, pumps, 
reservoirs, and wells etc 


Real estate: is the land and anything fixed, immovable, or permanently attached to it such as buildings.. 
Based upon the Uniform Standards of Professional Appraisal Practice (USPAP) the following would be the 
approaches of land valuation: 

Direct market comparison approach 

Income approach 

Cost approach 


Non operational are the assets which not be used in the operations of a business such as equipment and 


machineries, motor vehicles, leasehold improvements, office equipments, furniture and fixtures, safety and 
security etc 
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2. 1.1 Physical Inspection Approaches 


In anon quantifiable manner based upon detailed information from operation and maintenance databases , a 
broad view of condition would considers an asset’s value to the business for delivering service to customers rather 
than simple physical condition; this principle takes account of best practice principles of serviceability 


In other words an asset can be considered to be in good condition when the asset can perform its required task 
reliably and at optimum cost. It can be considered poor condition to be the opposite of this. 


This approach enables us to identify assets that may appear to be in good physical condition but in practice cannot 
deliver the service required. A typical example of this would be a pump that is in perfectly good physical condition 
but has, for whatever reason, been designed or specified incorrectly and cannot meet its duty requirements 

at the required cost. We would record this as being in poor condition. Conversely a pump that may appear to be in 
poor condition on initial inspection but delivers reliable and adequate service would be considered in good 
condition providing maintenance costs were moderate. 


In order to conduct asset surveys by physical inspections only it would be expected that typically a valuation team, 
comprised of professional engineers from the business would conduct an exercise of both physical inspections and 
interviews with those people responsible for maintenance and operation t and its associated ICA and 
SCADA/telemetry equipment. This for example would record data such as for example whether pumps are duty or 
standby , the date of the last major overhaul and obtain information on the level of historic maintenance. 

In this assessment of the condition of these assets the objective would be not only to determine the remaining 
useful life of the assets , but also to some degree an understanding of whether the assets are being used 
efficiently - for example this may require hydraulic analyses to determine whether they are of adequate capacity, 
and operational information such as to interruptions in supply, plant breakdowns, preventive maintenance 
schedules and quality etc 

The data and information needed to be collected would typically include: 


e Design and as built drawings 

e GIS maps 

e Spreadsheet summaries of the system 

e System information — for example, in case of pipelines this would include copies of risk assessments , 
engineering drawings , mechanical , civil and process information covering network age , operating and 
design conditions and function by material and diameter soil type, surface type, and failure history of 
pipelines, locations and details of control and monitoring — for example valves , flow meters etc 

e Discussions with operational and maintenance staff on shortcomings of the systems 


This would enable the team to build up a detailed assessment of condition and age at a component level. These 
results can then be aggregated on a criticality-weighted basis to provide effective age and condition at the 
valuation level of process stage. 


This can be represented as: 

N=R X f (A) x f(C) 

Where: 

N = Net Book Value 

R = Replacement Cost (benchmarks) 
A = Age (known or estimated) 

C = Condition (1 to 5) 


The replacement costs used for the valuation can be based on Modern Equivalent Values using benchmarks at 
process level. The below figure illustrates how the age and condition assessments made by our survey at detailed 
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component level, are used as weighted averages and combined with modern equivalent prices to derive net asset 
values for the balance sheet. 


Balance 
Sheet 
Asset Value 


WEIGHTED 


Fixed Asset Register Deprecation 


Figure Derivation of Net Asset Value 


Using the above approach age assessment can be based on available records and knowledge of the Operation and 
Maintenance employees and other circumstantial evidence. Condition assessment can be based additionally on 
the surveying engineer’s professional judgement. The method would involve identifying, counting and 
categorizing assets based upon either standardised level of counting or the classification of assets using an agreed 
assets grading system or as an optimum based upon the tagging / labelling of the assets based upon a pre- 
established asset management database and this would entail the logging and use of bar code scanners in the 
physical site visits 


Condition of equipment comprising the assets would then be assessed typically on a scale of 1 to 5 using criteria 
appropriate to the types of asset. In general these grades reflected the following 


a) Excellent — consistently capable of achieving full design performance 

b) Good — minor defects at extreme performance levels 

c) Adequate — minor defects at average performance levels 

d) Poor — major shortcomings at average performance levels 

e) Unsatisfactory — incapable of meeting average performance requirements 


In normal accounting practice, the book value of an asset is derived from its original capitalized value less the 
amount of depreciation. The depreciation calculation is based on local accounting standards and tax regulations. In 
a simplified case of linear depreciation for example assumptions would be based upon operational assets falling 
into one of two categories; civil assets depreciated say over 40 years and Mechanical and Electrical assets say over 
20 years . The useful lives of fixed assets should be re-examined on a periodic basis. If the estimate of the 

asset’s life changes, the depreciation expense should be adjusted for the current and future periods. 
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@- Within useful life, operating well 


(B)- Premature degradation 


(c)- Operating beyond useful life 


Book 
Value 


Replacement Cost 


Condition 
assessment 


Age 
assessment 


New Useful Life Expectancy Age 


Figure — Depreciated Asset Value 


The figure above shows a line of depreciation. “A” represents an asset which has been depreciated normally in the 
accounts. However, “B” and “C” represent possible points, which this valuation recognises, where neither age nor 
condition is consistent with the original depreciation line. 


The reality of the valuation exercise is that the accounting history of the asset is not known or doesn’t exist. The 
figure below shows what we would expect to have occurred to explain the cases of “B” and “C”. 

Where an asset is in poor condition for its age, as in example “B”, this should have been reflected in the accounts 
as impairment, i.e. a premature right-off of asset value. Where an asset is still operating beyond its normal life 
expectancy, as in example “C”, this is most likely to be reflected by additional investment during its life, i.e. the real 
life of the asset is less than it seems and the total capital cost being depreciated is greater. 
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@- Within normal life, operating well 


Book 


Replacement Cost (B)- Premature degradation 
Value 


(c)- Operating beyond normal life 


New Life Expectancy Age 


Figure — Impairment and Capital Addition 


Based upon the above an algorithm would be used to combine age and condition to generate a discounting 
percentage to apply to the replacement cost and hence derive the net asset value. 


For non-operational assets , primary valuation would be based on the underlying cost information which would 
typically be obtained from the suppliers contracts, assets invoices and purchase orders . In the absence of values in 
suppliers contracts, assets invoices and purchase order records, the benchmark market pricing approach would be 
used based upon cost information for similar assets, typically obtained from suppliers. Where the values are not 
available in the benchmark markets, the next best approach would be to estimated the asset values of nearest 
possible similar assets. The effectiveness of this approach depends on a number of factors such as : 


e The extent and level of comparability of each property compared to the property under evaluation. 
e Time of sale. 

e Verification of sale data eg legal obligations or title deeds for the properties;. 

e Lack of any conditions which may be affecting the sale. 


The income approach considers the income that an asset will generate over its remaining useful life and estimates 
value through a capitalisation process. This process applies an appropriate yield, or discount rate, to the projected 
income stream to arrive at a capital value. The income stream may be derived under a contract or contracts, or be 
non-contractual, eg, the profit generated from either the use of or holding of the asset. 

Two methods which may be used under the income approach are: 


e Income capitalisation, where an all risks yield is applied to a fixed income stream, or 
e Discounted cash flow where the cash flows for future periods are discounted to a present value. 


A method for example which can be used to assess the value of the commercial properties using (the residual 
value) is based on the assumption of the best possible usage for the location and on the assumption that the 
construction was built with the highest quality and for the maximum generation of income for the land. The value 
of the real estate project is then derived by capitalizing the income through the use of the standard rates and 
requirements that are commonly used in the market and then the value of the building and the construction works 
are deducted from it to get the net value of the designated land. 
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The cost approach applies the basic economic principle that a buyer will pay no more for an asset than the cost to 
obtain an asset of equal utility, whether by purchase or by construction. Unless undue time, inconvenience, risk or 
other factors are involved, the price that a buyer would pay for the asset being valued would not be more than the 
cost to acquire or construct a modern equivalent. Often the asset being valued will be less attractive than the cost 
of a modern equivalent because of age or obsolescence; where this is the case, adjustments will need to be made 
to the cost of the modern equivalent. This adjusted figure is known as the depreciated replacement cost. 

The cost approach analysis is defined as the “the method of which is derived the value of properties by introducing 
the asset replacement cost and deduction from the estimated depreciation rate”. In order to determine the 
depreciation rate, the skills and expertise of the assessor is key to determine the depreciation factor. For 
example in the case of buildings the equation could be 

Market Fair Value = Residual Life / Useful Life of the asset x Cost of the new asset 


3. Summary of Condition Assessment Principles 


Condition Assessment should not be carried out in isolation. Related issues need to be considered, such as: 
è Risk Management. 
e Maintenance Management Planning 
è Data Collection Techniques eg Has the asset failed, or is it in the process of failing? , Is the proper process 
safety management (PSM) system in place and is it operating properly? , What is the reliability strategy? Does 
it need to be changed? , What is the implementation of O & M procedures in the site against the supplier 
initial recommendations and against optimal best practice work ?, Are there any constraints or barriers that 
inhibit the best practice? When will the asset fail again?, Can any additional opportunity costs be harvested? 
e What is the software tools available and how they are used eg PRIMAVERA Project management SIDAM 3 
data field collection, inspection management ANTEA documentation management RBI Risk based inspection 
SAP asset costs, resource planning, financial ADM maintenance analysis, reliability data, EAM , enterprise asset 
management programmes ? 
e What are the Key Performance Targets (KPTs) and Indicators (KPIs) to monitor the effectiveness of processes 
and systems performance ? 


The objectives of systems to monitor asset condition and performance should be to: 


- Identify those assets which are underperforming 

- Predict when asset failure to deliver the required level of service is likely to occur 

- Ascertain the reasons for performance deficiencies 

- Determine what corrective action is required and when (maintenance, rehabilitation, renewal) 
- Record asset failures for use in advanced AM techniques. 


The development and continued use of condition assessment data will allow preparation of verifiable predictive 
decay curves for particular asset types and hence permit prediction of remaining life. By considering the current 
condition point on an assumed decay curve, the profile can predict the effective life (time) before failure. This 
failure time can be physical end of life, minimum level of acceptable service, or limit of capacity of the asset. 

The Core approach focuses on data collection for managing risks associated with critical assets and monitoring key 
performance measures 


For passive assets the extent and repetition of condition assessment will be influenced by: 
e The type of the asset 

e The criticality of the asset 

e The relative age of the asset 

e The rate of deterioration of the asset 

e The economic value of the outcomes to the business. 
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We have made the distinction between two types of asset and the approach taken for the assessment of 
condition of these two groups is necessarily different: 


Aboveground assets which are observable and can be readily inspected. The condition assessment can utilise 
physical inspection supported by investigation of operational experience and reports obtained from appropriate 
staff and business information systems. This class of assets comprises all assets within sites, including buried pipe- 
work, and will normally be recorded within the maintenance management system asset database. These assets 
have been split into two categories: 


Civils works: For example, structures, buildings, ancillaries, pipe-work and fencing 
M&E and Control : All mechanical & electrical and control equipment 


Underground assets which are buried and cannot be easily inspected. Universal physical inspection is impossible 
or impracticable and can be severely restricted within a water utility organization to CCTV surveys of small 
diameter sewers so a condition assessment has been made based upon operational experience and reports 
obtained from business information systems. For the water utility sector this class of assets comprises entirely of 
pipes, fittings, manholes and hydraulic structures outside of operational sites. These assets are normally recorded 
in a GIS system. 


3.1 Simple Approach 


In the simple approach the use of condition grades to assign relative condition values to assets and in common 
with best practice regulatory principles is a 5-level system as used by regulatory authorities in the UK and Australia 
where: 

e Grade 1 is equivalent to best possible condition 

e Grade 5 represents worst condition 


These grades would also be linked to a likely capital maintenance requirement in that grade 5 indicates immediate 
remedial action is necessary, grade 4 would mean actionin the short to medium term etc. 

The grades and definitions are statements of general principle chosen to reflect a pragmatic assessment of an 
asset’s ability to deliver the required service. In practical terms grades 4 and 5 indicate capital maintenance 
interventions are necessary while grade 3 indicates additional maintenance interventions are required 


Rank Description of Condition 


1 Very Good Condition - Only normal maintenance required 
As New; designed and constructed to modern standards 


2 Minor Defects Only - Minor maintenance required (5%) 
Old design with perhaps minor faults but performing well 


3 Maintenance Required to Return to Accepted Level of Service - Significant maintenance required 
(10-20%) 
Visible faults and deterioration while performing adequately subject to appropriate maintenance 


4 Requires Renewal : Significant renewal/upgrade required (20-40%) 
Significant faults and deterioration, performing poorly but not critically, replacement required in 
short to medium term 


5 Asset Unserviceable : Over 50% of asset requires replacement 
Serious faults and deterioration preventing the delivery of basic service, immediate replacement 
required 
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Safety and Safety Grades 
An approach to a high-level safety assessment at sites would be similar to that used for condition assessment as 
mentioned above where 


e Grade 1 represents safety provision to modern international standards 
e Grade 5 represents and absence of safety provision or where there is a source of serious hazard. 


Safety of staff going about their work is of paramount importance and the grading reflects a high-level assessment 
of risk observed during the physical inspection of facilities. The grading is designed to highlight issues rather than 
provide detailed solutions and will be combined with detailed safety audits at representative sites to 

establish remedial programmes and implemented through an investment programe 

The survey would consider what hazards were present and whether any provision has been made to mitigate the 
risks. The grading is presented below. The grade reflects the degree to which the risks have been mitigated so 
Grade 1 reflects that all reasonable measures have been taken to modern best practice standards while Grade five 
reflects absence of provision and serious hazard risk. 


Safety Grade Safety Grade Definition 


Risk mitigation provided to modern standards 


Risk mitigation provided to old standards but in good condition 


Risk mitigation provided but with visible faults and deterioration 


AJwlnje 


Risk mitigation compromised by unserviceable or faulty assets so 
unable to provide protection 


5 An absence of any risk mitigation and/or clear source of serious 
hazard 


This system of grading is aimed at identifying observable issues that can be addressed in detail within a Safety Plan. 
Issues that may not be observable such as the presence of unbound asbestos or PCBs will be addressed by specific 
studies undertaken in a Safety Plan developed specifically for the site or organisation. The following aspects of 
safety risk would be considered: 

e Slips, trips and falls 

e Machinery (moving parts, rotating equipment etc.) 

e Electrical 

e Asbestos 

e Chemicals 

e Lighting 


3,2 Intermediate Approach 


The approach shown in the below figure involves the enhancement of the organisation’s ability to rank more 
effectively those assets that constitute a significant problem at condition levels 3, 4, and 5. 


The intermediate condition rating approach is usually expanded to suit: 
e asset types 

e failure modes 

e evidence of distress. 
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The simple and intermediate approaches allow development of predictive decay curves. The sophisticated 
approach using greater numbers of parameters, will generate more accurate curves and give greater certainty to 
the current condition of the asset. 


Rank Description of Condition 

3.0 Level of Service Maintenance Minor 

3.4 Average 

3.8 Sie 
Significant 

4.0 Requires Major Upgrade Minor 

4.2 Average 

4.4 Medi 

4.6 edium 

4.8 Substantial 
Significant 

5.0 Asset Basically Unserviceable Minor 

5.2 Average 

5.4 Medi 

56 edium 

5.8 Substantial 
Significant 


3.3 The Sophisticated Approach 
Although these sophisticated systems may allow the condition to be assessed on up to ten different parameters 
with condition scores between 0 and 1,000 they can still be broken down into the base scores of 1 to 5 if required. 


The adoption of sophisticated condition ranking systems may not be justified for all assets. However, with the 
advancements being made in AM techniques and practices, it is likely that in the future most asset owners will 
employ sophisticated methods for all their assets 


3.4. Inspection and Condition Grading Process 


In general it would be necessary for survey teams would need to made prior appointments to visit sites to ensure 
access and the presence of appropriate staff from operations to explain the context of operation and to describe 
any operational issues that were relevant to condition and serviceability assessment. Surveys should be conducted, 
as far as possible, following the process stream through the site. In the simplified approach inspections will be 
visual; where access to asset sets are for example impractical or dangerous the knowledge of operations staff 
should be used as the sole basis for the grading; for example surveyors would not enter confined spaces, such as in 
the water utility industry - wet wells, chambers etc. 

Where several similar assets made up an asset set within a functional unit, for example a pump-set within a 
pumping station or cells within a filter then the condition grade given for the set would normally reflect the 
condition of the worst component. If considerable disparity existed between components within a set, for example 
one pump may have been new, then a note would be made on the data collection forms and this would be taken 
into account at the moderation stage. 

Photographic evidence is an important aspect of the process and can be used to illustrate grading decisions, 
illustrate safety hazards etc. 

Questioning operations staff about the ability of the assets to deliver the required service is also a crucial aspect of 
the inspection process. For inspections, questions should be asked of suitably knowledgeable staff about the 
reliability of the asset and its ability to deliver the required service. The QA check for bias can for example be 
undertaken by sending teams to each others’ sites to review and amend the condition grading taken as initial, if 
necessary. 
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4 Water and wastewater utility assets 


Adopted best practice approach wherever possible is clearly the best methodology for any organization utilising 
the information existing within the business regarding the underground assets. However best practice approaches 
to reliably establish serviceability rely heavily upon the collection, collation and analysis of accurate condition and 
performance data over several calendar years. Where such information is not available to a utility, the best 
practice approach is to convene expert panels to consider what information is available and to make judgements 
Within the simplified 5-tier framework described earlier the approach necessarily adopted for assets that 

cannot be inspected was to utilise all available performance data and knowledge of asset capability. 


The following are more specific condition grading standards for a range of infrastructure types 
namely: wastewater distribution systems, water mains 


Table Example Condition Grading Criteria for Water Mains 


Grade Definition 

1 Average failure rate up to 125/1,000km/annum (more than 1,600m between failures over 5- 
years) 

2 Average failure rate greater than 125 up to 250 failures/1,000 km/annum (<1,600m but >800m 
between failures over 5 years) 

3 Average failure rate greater than 250 up to 500 failures/1,000km/annum (<800m but>400m 
between failures over a 5-years) 

4 Average failure rate greater than 500 up to 1,000/1,000 km/annum (<400m but >200m 
between failures over 5 years) 

5 Average failure rate greater than 1,000/1,000 km/annum (less than 200m between failures over 
five years). 


In cases data is not available for distinguishing pipe performance between pipe materials and diameters directly 
using mains failure data directly, condition can be prescribed by developing a guidelines given to materials and 
diameter categories of pipe — for example Concrete Cylinder Pipe water mains are normally of large diameter and 
therefore critical to network operations and service delivery in addition to pipes of Ductile iron water and Precast 
Concrete 


Condition Rating for Water Pipes 


Rating Description 

Excellent No failures. Complies with engineering standards. 

Good Few failures. Few areas not complying with engineering standards. 

Fair Failures beginning to occur. Significant areas not complying with engineering standards. 

Poor Regular failures occurring and significant corrosion. Increases operating costs resulting. Many 
must be replaced. 

Failing Significant failures and should be substantially reconstructed. 


(Source 1 http://www.municipal.gov.sk.ca/Assessment/Asset-Management/Grading-Standards ) 
Source 2 : Guide to Accounting for and Reporting Tangible Capital Assets. 
(http://www.psab-ccsp.ca/other-non-authoritative-guidance/item14603.pdf) 
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Table — Example of Condition Grade Definitions for sewers 


Condition Condition Grade Definition 

Grade 

1 No structural defects 

2 Sewers with minor circumferential cracking or moderate joint defects. 

3 Sewers with deformation 0-5% of diameter and cracked or fractured or longitudinal/multiple 


cracking or occasional fractures or severe joint defects or minor loss of level less than or equal 
to 10% of diameter or badly made connections. 


4 Sewers with deformation 5-10% of diameter and cracked or fractured or broken or serious loss 
of level more than 10% of diameter. 
5 Sewers already collapsed or deformation >10% and cracked or fractured or broken or extensive 


areas of missing fabric 


For accurate performance and comprehensive survey data for sewer networks. , CCTV information would be 
required for representative survey Size banding of sewers can also be simplified to just two bands: 

Band 1: Up to and including 700mm diameter 

Band 2: Over 700mm diameter 

It can be considered that the principal influence upon performance of sewerage network is material and 

age and in certain circumstances diameter within a material category. This is due to the progressive influence of 
hydrogen sulphide corrosion and to the fact that materials and construction practice has improved over time. 


Water Supply, Storm water and Wastewater Condition Grading Standards: Civil Structures 


Grade Condition Description 
(0) Non existant Asset abandoned or no longer exists 
1 Very good Sound physical condition. Asset likely to perform adequately without major 


work for 25 years or more. 


2 Good. Acceptable physical condition; minimal short-term failure risk but potential 
for deterioration in long-term (10 years plus). Only minor work required (if 
any). 

3 Fair Significant deterioration evident; failure unlikely within next 2 years but 


further deterioration likely and major replacement likely within next 10 
years. Minor components or isolated sections of the asset needs 
replacement or repair now but asset still functions safely at adequate level 
of service. Work required but asset is still serviceable. 


4 Poor Failure likely in short-term. Likely need to replace most or all of asset within 
2 years. No immediate risk to health or safety but works required within 2 
years to ensure asset remains safe. Substantial work required in short-term, 
asset barely serviceable. 


5 Very poor Failed or failure imminent. Immediate need to replace most or all of asset. 
Health and safety hazards exist which present a possible risk to public 
safety or asset cannot be serviced/operated without risk to personnel. 
Major work or replacement required urgently. 
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Water Supply, Storm water and Wastewater Condition Grading Standards: Mechanical and Electrical Assets 


Grade 


Condition 


Description 


Non existant 


Asset abandoned or no longer exists 


Very good 


Plant in sound physical condition designed to meet current standards. 
Operable and well-maintained. Asset likely to perform adequately within 
routine maintenance for 10 years or more. 

No work required 


Good. 


Acceptable physical condition but not designed to current standards, or 
showing minor wear. 

Deterioration has minimal impact on asset performance. Minimal short- 
term failure risk but potential for deterioration or reduced performance in 
medium term (5 — 10 years). Only minor work required (if any). 


Fair 


Functionally sound plant and components, but showing some wear with 
minor failures and some diminished efficiency. Minor components or 
isolated sections of the asset need replacement or repair but asset still 
functions safely at adequate level of service. For example, bearing and 
gland wear becoming evident and some corrosion present. Deterioration 
beginning to be reflected in performance and higher attendance for 
maintenance. Failure unlikely within 2 years but further deterioration likely 
and major replacement required within next 5 years. Work required but 
asset is still serviceable. 


Poor 


Plant and components function but require a high level of maintenance to 
remain operational. Likely to cause a marked deterioration in performance 
in short-term. Likely need to replace most or all of assets within 2 years. No 
immediate risk to health or safety but work required within 2 years to 
ensure asset remains safe. Substantial work required in short-term, asset 
barely serviceable. 


Very poor 


Failed or failure imminent. Plant and component effective life exceeded and 
excessive maintenance costs incurred. A high risk of breakdown with a 
serious impact on performance. No life expectancy. Health and safety 
hazards exist which present a possible risk to public safety, or asset cannot 
be serviced/operated without risk to personnel. Major work or replacement 
required urgently. 


(source 1 http://www.municipal.gov.sk.ca/Assessment/Asset-Management/Grading-Standards ) 


Source 2: International Infrastructure Management Manual — Version 3.0, 2006 
(http://openlibrary.org/books/OL21245688M/International_infrastructure_management_manual) 


90 


SECTION 5 : EMERGENCY RESPONSE PLANNING 


1 Introduction 


The majority of organizations and businesses recognize the need to plan for the unexpected and there are few 
organizations that do not have some form of a plan to deal with the consequences of an unwanted incident or 
disaster. For example, This could be a hazardous materials spill that may necessitate evacuation or , a severe 
weather warning that leads to concern about flooding or infrastructure damage, 


Organisations realize also to stay in business after a major incident requires careful pre-planning and this means 
taking action before an incident occurs, not after 


An the outset it is necessary to define an “emergency” and relate the definition to other non-emergency events 


Criticality can be considered as Assessment of a risk while crossing its likelinood and the seriousness of its 
consequences. Other criteria can be taken into account to evaluate the criticality, such as the ability to monitor or 
to tackle the risk. 

Contingency plan can be considered as Set of actions to be undertaken to prevent the hazard from happening 
(Preventive Actions). 

Emergency can be considered as a serious “incident”. and an Emergency plan can be considered as set of actions 
to be undertaken once the hazard has occurred (Corrective Actions). An emergency Response Plan provides “A 
professional, strategic and tactical managed response protocols: (i) to mitigate the effect of an emergency upon 
the business; (ii) that are scaled to the severity of the emergency and (iii) which set out the relationships for 
response teams, within and outside the business.” 

Emergency Response Plan provides: “professional, strategic and tactical managed response protocols: (i) to 
mitigate the effect of an emergency upon the business; (ii) that are scaled to the severity of the emergency and (iii) 
which set out the relationships for response teams, within and outside the business” 


Emergency Room -this is a location where the Strategic Response Leader and his team can plan the response and 
manage the situation. It is essential that the Emergency room remains a “quiet” area and not become a melee of 
people, thus only those appointed by the Strategic Response Leader as a part of the Strategic Response Team shall 
be permitted within the Emergency room. 


This will be the central command post should have necessary equipment and supplies including: 

Operational information: 

maps of distribution system and city maps 

engineering information 

access to other system information 

copies of standard operating procedures 

human resources information (including contract information, copies of relevant legislation, training and 

certification information, and emergency contact information) 

6. access to vital contact information (including — but not limited to - all relevant contact information for key 
staff, suppliers, contractors, and other individuals and organizations that will be needed to assist in emergency 
response.) 

7. access to information about consumers including contact information 

8. list of all chemicals stored at CBU sites and MSDS information 

9. other vital records 

Emergency Plans 


U Sw Ke 


10. copies of the Organisation’s Emergency Plan 

11. copies of the City Emergency Plan (and appendices to this plan — including a city based Flood Plan and Crisis 
Communications Plan) 

12. copies of the Water Security Emergency Plan 

13. copies of the Wastewater Emergency Plan 
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14. 


15. 


16. 


17. 
18. 
19. 
20. 
21. 
22. 
23. 


copies of relevant legislation 


Communications equipment and office equipment and supplies 


communications equipment (fax, phone, email, cellular phones, City radios, satellite phone if other phone 
networks have been affected) 

computers (laptops, desktops), printers, scanners, photocopiers, CD burners, USB memory sticks and other 
devices 

overhead projector 

laptop and LCD projector 

tape recorder, tapes 

TV (with cable access if possible) and VCR (with recordable tapes) 

AM/FM radio 

office furniture (tables/desks, chairs, lighting, bulletin boards, whiteboards) 

office supplies (blank CDs, stationary, clipboards, binders, paper, pens, pencils, highlighters, staplers, staples, 
hole punches, paper cutters, thumbtacks, masking tape, duct tape, file folders, markers (including dry-erase), 
flip chart and extra paper etc.) 


Integration with an organisation’s IT systems 


24. 


The Emergency Room should also be fully integrated with the organisation’s IT system — for example in the 
case of a water utility this will include the GIS, SCADA and Hydraulic and network modelling . It is also 
important that a member of the IT services be on hand during the emergency in order to provide any advice 
and support as necessary. 


Emergency Report, The emergency report contains normally the following information: 


Record of the names of the strategic reponse team members and their designated role, as well as any other 
person who enters the Emergency room and the Reason of their presence 
Record on the emergency situation itself : description of the situation, facilities concerned, casualties, 
property damages, equipment mobilised etc. 
Record all the actions taken and decisions made within the emergency room and by the tactical response 
team to show, as a minimum: 

e Time of the opening of the emergency room 

e Date and time of initiation of the emergency and the nature of the emergency and its level 

e Arecord of all messages 

e Records of communication with third parties 

e Records of all status reports received from the Emergency Tactical Response Leader 

e Time of the closure of the emergency situation and emergency room 


The service concerned by the emergency analyse the causes and define corrective actions to be undertaken. The 
Final emergency report is normally sent also to the organisation’s top management and for archiving in the 
emergency room. 

Incident can be defined as: “An unplanned event which has no significant affect on the service provided to business 
customers” With regard to the definitions mentioned above for an incident , although this is undesirable because 
it is unplanned and possibly draws upon the business resources to resolve within an unplanned way and inefficient 
way, an incident is not necessarily an “emergency”, which can be defined as: “An incident of such significant risk as 
to affect the ability of the business to provide the required level of customer service or in some other way adversely 
affects the day to day business as normal activities of an organization ‘ 

As an example, a failure of a pump at a pumping station is an “incident” which becomes an “emergency” if a stand- 
by pump is either unavailable or does not cut-in, causing impacts on the functional service of that pumping station 
Risk can be considered as Effect of uncertainty on objectives (from ISO 31000 — Risk Management). 

Hazard can be considered as Potential source of harm. Deviations from design or operational intent may constitute 
or produce a hazard. A single hazard could potentially lead to multiple forms of harm. 

Harm can be considered ass the consequence of a hazard occurring and may take many forms: employee, 
contractor or customer injuries, environmental pollution, financial loss risks, brand image depreciation, legal 
prosecution, etc... 
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Performance Indicator The important criterion to be measured is the frequency of emergencies. A falling 
frequency over the period of the contract will indicate a number of favourable trends: a. Improved reliability and 
sustainability of the assets; b. The effectiveness of risk management in “designing” risk out of the system; 

c. Improved workforce operational performance reducing the frequency of incidents becoming emergencies; 

d. Introduction of operational procedures to avoid the occurrence of an emergency; e. Demonstrable effectiveness 
of training provided. An indicator could therefore be Number of events for which a response is made divided by 
Number within a year , for high, medium and low events as collected from the central control room log 


Records — Evidence of historical activities that reports the outcome or result of an activity or task. Records can not 
be modified although they may be subject to updating with additional data as it is acquired. Examples include 
completed forms (regarding such things as inspections, training, manifests, etc.); monitoring log sheets, audit 
reports, incident reports, final reports and meeting minutes (compare Documents, above). 


Root Cause — The management system breakdown that permitted a substandard action or condition (immediate 
cause) to occur. Root Causes may also be referred to as System Causes or Underlying Causes. 

Safeguards can be considered as the devices that help to reduce the occurrence frequency of the deviation or to 
mitigate its consequences. Safeguards helps in monitoring, preventing or compensating the deviation. 


Strategic response will be that which is necessary to protect the business from undue criticism and will be handled 
centrally within the Emergency room. The strategic response will, instinctively, support the onsite team by 
mobilising, finding and, if necessary procuring resources — labour, materials, plant and equipment, as well as any 
specialist skills. The strategic response team will take strategic action such as changing supply systems and bringing 
in additional sources. A key task of the strategic team will be communication with external parties to be notified 
and with the media and public. 


Tactical response will be the site focused response i.e. by the repair team and local management. The tactical 
team will (i) attend to the cause of the emergency to affect a repair; (ii) otherwise end the emergency and (iii) deal 
with any local consequences of the emergency e.g. in the case of a water utility this would be property flooding 
from a sewer collapse or broken water main 


2.2 The Approach to an Emergency 


The approach to be adopted by a business unit typically for the response to an emergency is a four layer response 
as follows. 

1. Provide a procedure to trigger an emergency alert. One of the most common failings in responding to an 
emergency is the slow realization that an “incident” has or is progressing to an emergency, or that an emergency 
has commenced; 

2. Analyse the risk. When the emergency event is alarmed, the next steps are to analyse the risk by: 

a. Identifying the Nature and Reasons for the Emergency 

b. Assessing the consequences 

c. Considering the effects 

3. Determine the Required Level of Response. Only and after the risk has been analysed is it possible to ascertain 
the required level of response 

4. Manage the Emergency. The emergency event is to be managed (i) strategically and (ii) tactically, as discussed 
below 


Typically organizations will set up a multilevel organisational structure, which is functional, and includes for 
standby rotas to provide for seven days per week, 24 hours a day. There needs to be a clear escalation process that 
matches response with risk. The process is typically initiated by a Head of an Emergency Department and, as 

the level of the severity of the emergency increases, provides for Strategic and Tactical Response Leaders. 

When a crisis is identified, all necessary resources are to be mobilized promptly in accordance with the appropriate 
level of severity of the emergency. 

For example in a utility business locally, the alert is conveyed by treatment plant or pumping station operators 
and/or by network O&M staff to the central control room; is observed by the control room staff from the SCADA or 
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is notified to the control room by a member of the public or outside organisation. Depending on the severity of the 
emergency, local or national teams may be mobilized from other than the organization themselves. 


The goals of an emergency response plan are to document and understand the stages needed to: 

e Ensure the professional management of the emergency 

e Delegate authority to those required to take emergency response actions 

e The right people are in place to handle the emergency — the formulation of the strategic and tactical 
response teams 

e The resources are available, or can readily be made available to resolve and/or mitigate the situation to 
minimise the effect upon customers, the environment and the wider public 

e The response teams have at hand a full list of support and back-contacts and those to be notified at the 
start, during and at the end of the emergency 

e Provide emergency public information concerning progress on the emergency and where to obtain 
alternative water supplies and generally keep customers informed 

e A feed-back facility is in place as a means for on-going learning from an emergency 

e Develop the organisation’s experience of emergency handling through the holding of regular exercises 

e Rapidly restore business as normal service after an emergency 

e Minimise asset system damage 

e Minimise impact and loss to internal and external customers 

e Minimise negative impacts on public health and employee safety 

e Minimise adverse effects on the environment 

e Keep customers and other concerned organisations informed of progress with the emergency Respond 
positively to criticisms of performance 


It is vital that any organization developing contingency procedures must take the development of these 
contingencies seriously as a serious incident can affect the organization at any time 


1. The planning out of the system identified risks that can be removed at a reasonable cost. 

2. Secondly, for risks that have been identified — specific or generic — that cannot be designed out of the system, or 
are awaiting investment of the solution, the effects of the emergency can be mitigated: 

a. Before an Emergency by holding regular Emergency Exercises with feedback into Business Plans 

b. During an Emergency by having in place an Emergency Response Plan 

3. Finally, emergency planning includes for managing the emergency with a: 

a. Strategic response — to manage the impact on the business and is directed from a central incident room location 
b. Tactical response — the on-site action to correct the event and reduce local effects 


The organization would need to prepare a comprehensive list of all potentially serious incidents that could affect 
the normal as -is operations. Each serious incident should be given a probability rating related to the potential 
impact severity level if the incident did occur. 


Emergency planning is contained within a Risk Management approach that comprises the planning out of the 
system identified risks that can be removed at a reasonable cost and secondly, for risks that have been identified — 
specific or generic — that cannot be designed out of the system, or are awaiting investment of the solution, the 
effects of the emergency can be mitigated: 


Before an Emergency by holding regular Emergency Exercises with feedback into Business Plans and Operating 
Procedures and during an Emergency by having in place an Emergency Response Plan 


The following figure illustrates the place of the Emergency Response Plan within a risk management approach. 
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2 Developing the Plan 


The Emergency Response Plan should be maintained as a “live” document. As such the Plan is to be regularly 
updated and modified in the light of changed circumstances and experiences gained both in responding to 
emergencies and from emergency exercises. 

The goals of this plan would be to document and understand the stages needed to: 


1. Ensure the professional management of the emergency; 


2. Delegate authority to those required to take emergency response actions — for example, the informed 
supervisor or Duty Engineer has to go on site to (i) identify the nature and reasons of the emergency (ii) to 
assess accurately the consequences (classifying the situation according to severity). The specific procedure does 
give some guidance. This risk analysis is essential. It is used to trigger the emergency and ensure optimal 
management; 


3. Based upon the above step, the right people are in place to handle the emergency — the formulation of the 
strategic and tactical response teams; 

4. The resources are available, or can readily be made available to resolve and/or mitigate the situation to 
minimise the effect upon internal and external customers with the organisation, the environment and the wider 
public; 

5. The response teams have at hand a full list of support and back-contacts and those to be notified at the start, 
during and at the end of the emergency; 

6. Provide emergency public information concerning progress on the emergency and where to obtain alternative 
water supplies and generally keep customers informed; 

7. A feed-back facility is in place as a means for on-going learning from an emergency; 

8. The organisation has experience of emergency handling through the holding of regular exercises. 


A typical procedure is as follows : 
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Procedure Owner: Managing Director 

Purpose: To set out the procedure and frequency for revisions to the Emergency Response Plan and the 
methodology for issue. 

1. Methodology and type of Review 

The Procedure shall be updated under the control of the Head of the Emergency Department at a specified 
frequency as mentioned below. In order to develop the framework of the emergency response planning it is 
important that an organization or business unit sets up a dedicated committee is set up to structure and lead Risk 
Management. This normally has no specific empowerment within the organization and is aimed to be both a think- 
tank and a taskforce intending to help and propose solutions to the management of the business which is in charge 
of making appropriate decisions and implementing them. The aims would be as follows 


e Identify the business risks; 

e Identify mitigation actions; 

e Implement mitigation actions; 

e Develop crisis situation Management Strategy (emergency); 

e Develop the procedures for performing emergency drills (contingency); 

e Develop the procedures for checking and updating the efficiency of the Risk Management throughout the 
business functions. 


2. Frequency of Review 


The Emergency Response Plan shall be reviewed and updated in the event of one of the following: 
e Change of circumstances related to the commissioning and decommissioning of assets. 
e Changes in staff within posts or nominations to committees 
e Changes in the organisation structure of the company 
e Any requirement that has been specified within the Plan that has subsequently found to be inadequate or in 
some way insufficient e.g. facilities within the Incident Room 
e After an Emergency Exercise has been held and the wash-up meetings has revealed a requirement for change; 


e Any other event or happening that removes the currency of the Plan, as issued. 


3. Issue of the Plan 
The Emergency Response Plan shall be considered as a Quality Controlled Document and its issue and control be in 


accordance with the Business Quality Control Procedure. 


4. Testing and Monitoring the Plan 


Developing the plan in itself is not enough and before it can be implemented it should be vigorously tested. This 
process needs to be properly planned and carried out in as realistic and authentic conditions as feasible. The 
objective of enacting the emergency plans at any time would be also to test the procedures and simulations 
employing both operational and technical failures. To avoid complacency, regular audits of the staff 

will take place on a monthly basis to check the readiness of staff in case an incident arose. The essentials of this 
planning process and audits will include: The emphasis of the plan must be on the response to the incident and 
not the cause of the incident, the plan must be flexible - it has to work on holidays, weekends or in extreme 
weather conditions (e.g. sandstorms) , it is clearly written and easily understood and all involved must clearly 
understand their role 
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The key individuals highlighted in developing the plan need to be fully involved in any testing activities and the test 
procedures need to be documented, results recorded and any feedback used for fine tuning the contingency 
procedure. The suggested roles are mentioned below 

The organization also needs to recognizes the need to audit the plan itself and the backup arrangements 
supporting it on a regular basis. To properly implement the contingency procedures it is imperative that the 
personnel, who will be involved in implementing these procedures, are fully aware of their responsibilities and 
properly tested. 


It is also important that appropriate resources will be held available and deployed at the earliest opportunity to 
protect the interests of customers and the company’s assets. For example, adequate plant, equipment and 
emergency stores are to be available for dealing with the emergency and chemical reserves retained in case 
enhanced treatment is necessary at the treatment plants. The resources need not be owned by the buisiness but 
could be hired or otherwise made available. 


The response will be at two levels, strategic and tactical: 


1. The strategic response will be that which is necessary to protect the business from undue criticism and will be 
handled centrally within the Incident Room. The strategic response will, instinctively, support the onsite team by 
mobilising, finding and, if necessary procuring resources — labour, materials, plant and equipment, as well as any 
specialist skills from another business unit or organization for example. A key task of the strategic team will be 
communication with external parties to be notified and with the media and public 

2. The tactical response will be the site focused response by the repair or other action team, and by local 
management. 


Role of the Emergency Strategic Response Leader, SRL 
The Emergency Strategic Response Leader would normally be expected to undertake the following tasks- This 
person would manage the emergency but may choose to delegate some of his tasks, but not his responsibility for 
the management of the emergency: 
e Locate himself in the Emergency room 
e Assume full charge for the response to the emergency 
e identify the causes for the emergency and the strategic response required 
e Manage the strategic response 
e Assemble the strategic response team which can consist of specialist business unit managers ( for example IT, 
HR, O & M, logistics manager, stock manager, specific tasks manager etc. ) 
e = Maintain communication with the Emergency Tactical Response Leader and respond to all requests for 
assistance, resources an advise 
e For a higher severity emergency, appoint a log-keeper 
e in conjunction with the Public Relations Person, arrange for press-releases and handle requests from the 
media 
e Ensure that customers are kept informed of where alternative water supplies can be obtained and generally 
kept informed 
e Chairs the subsequent de-briefing meeting and prepares a report on the emergency; 
e Keeps directors and senior managers abreast of the situation 
e Notify the person immediately below them on the Emergency Response duty stand-by rotas of the 
emergency and to place them on stand-by 
e For a prolonged incident, ensures that back up for strategic response and tactical response teams is in place 
e Delegate all his regular day-to-day activities to a deputy 
e Raise the level of severity, if he considers it appropriate. This action may be taken in consultation and 
conjunction with others. 


Role of the Emergency Tactical Response Leader 
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The Emergency Tactical Response Leader would normally be expected to undertake the following tasks. The 

Tactical Response Leader is to appoint assistance as he thinks appropriate and, if the emergency is expected to be 

of long duration, assemble a stand-by team and a deputy Tactical Response Leader. 

If the “normal” response team i.e. standby gang is employed for the emergency, the Emergency Tactical Response 

Leader will assemble a second response team to cover for any other emergency that might arise. This might 

require the use of staff from say outside of the affected location and will be arranged through the Emergency 

Strategic Response Leader : 

e Immediately go to the site of the emergency 

e Appraise the situation and make a report to the Emergency Strategic Response Leader 

e Manage the on-site response and assemble the strategic response team 

e Take appropriate action to rectify the emergency and manage the on-site activities 

e If appropriate, evacuate the building and/or ensure the public are kept away 

e Request additional resources as may be required 

e Keep the Emergency Strategic Response Leader informed of progress with as early warning as possible of 
difficulties 

e Provide assistance to members of the public who may have been affected by the emergency 

e Atthe end of the emergency prepare a report upon the emergency 


Clearly, effective communication is the key to successful emergency management and communication is required 
between: 

1. The strategic and tactical response teams; 

2. Appropriate external entities; 

3. Media and other means of communication with customers; 

4. Internal support staff; 

5. Strategic and tactical response back-up teams 


3 Training 


E 


ffective emergency management requires that emergency managers have good knowledge of their 


responsibilities, that managers are trained in the use of a comprehensive emergency plan, and that the team of 
emergency managers works effectively together. 


The organisation should ensure that specific emergency response training is to be provided regularly in: 


a. The implementation of the Emergency Response Plan, in particular: 
(i) The recognition of an emergency 

(ii) Identifying the seriousness of the event 

(iii) Dealing professionally with an emergency 

b. Communication skills in an emergency 

Č; Record keeping during an emergency 


Other training requirements (including technical and safety training) may prove necessary and will be identified 
through the emergency exercises and/or the various senior managers following an emergency event or not. 

The exercise should be used to test the efficiency and capability of the organisation to react professionally and 
competently to an emergency as well as the adequacy of the Emergency Response Plan’s components. 


The nature of the exercise shall be determined by the senior management of the organisation based upon likely 
scenarios that could occur. 

The only advance notice of the exercise shall be a general note to all staff that say, an exercise will be held within 
the next 4 weeks. The exercise say , can be held anytime within that four week period. Senior managers of the 
organisation are also not normally informed of the date or nature of the exercise. 
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Unless otherwise considered as a special need, the exercise shall take place during “normal” working hours. The 
exercise can be conducted when key players are not available due to leave, training, meetings or other such 
reasons in order to test the standby procedure 

The note shall also set out the extent to which the exercise is to be played out. For an exercise that is simulating a 
burst main, for example, this will usually be limited to people attending a site, checking location and operability of 
valves but not actually operating the valves; checking availability of plant and repair couplings etc. 

The exercise is to be given a code name and all messages prefixed with the words: “For the purposes of Exercise 
[Name] only” to differentiate from a real emergency. 

During an exercise, all procedures, actions described in the various component and procedures of the emergency 
response applies with the exception of external bodies/entites (e.g. fire fighters) unless previously agreed with 
them. 


During the exercise, participating staff shall maintain a record of their actions, communications made and other 
information that will be required for the subsequent debriefing meeting. 


Following the exercise, a debriefing meeting shall be held to which key players are to be invited. The actions taken 
within the exercise are to be critically discussed as an aid to improved performance. 

After the debriefing meeting the Managing Director or a person designated by him is to prepare a report of the 
exercise and, if required, amend the Emergency Response Plan. 


Notes 


1. Informal training may be done with video simulations of emergencies or refresher programs. 

2. Reviewing emergency case studies may help managers understand emergency scenarios, and achieve 
consensus on what was done well, and what could be done better. 

3. The organisation’s emergency Team should share news stories about industry related emergencies in other 
countries in the world in order to stimulate discussion and stay up-to-date. These news stories may also be 
used to stimulate discussion about how to improve emergency management and the emergency plan. 

4. The organisation’s Emergency Team should participate in annual emergency management scenarios (see 
below). 


Emergency Scenarios 


The scenario should be planned in such a way as to avoid having it be interpreted as a real occurrence. Care must 
be taken to avoid alarm. It is important that all written material and oral communications clearly indicate that ‘this 
isa drill.’ 


1. Identify the aim of the exercise: 
a. Are you trying to build a basic familiarity with the plan? 
b. Do you want to test the entire plan or do you want to test select components of the plan? Are you 
interested in using specific documents? 
Are you testing activation decisions? 
Are you working on incident assessment skills? 
Are you trying to encourage team building? 
Do you want to test communication among the organisation’s Emergency Team, Emergency Operations 
Control Group? 
g. Do you want to include all of the agencies involved in incident response? 
h. Do you want to work on effective communications with the public, media and special users? 
2. Identify the constraints: 
a. How much time can you commit to the exercise? 
b. What resources can you commit to the exercise? Can all team members participate in the exercise? Can 
staff members participate in the exercise? Will the exercise be interrupted to allow normal business 
operations to continue? 
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3. Develop an exercise that will be a positive experience. 

a. Start with simple exercises, and work up to more complex exercises. 

b. Set objectives that are attainable. Do not attempt to test the group to the point of failure. 

c. Determine whether the team should be told the basic characteristics of the planned scenario in advance 
to allow review of relevant documents. 

4. Determine what type of exercise is appropriate. 

a. Ina static (or tabletop) exercise, an emergency scenario is created on paper. Successive events are 
presented on paper, by a facilitator who is present in the meeting room, by incoming telephone calls, or 
via radio messages. These are simple to run, and require few resources; however, they only test some 
aspects of emergency response. In addition, the exercise must be planned carefully to ensure that the 
limitations of the exercise do not preclude effective emergency management. 

b. Telecommunications exercises are used to test the effectiveness of emergency notification systems, 
communications systems, and may be used to analyze effectiveness of risk communications with the 
media and the public. Telecommunications exercises may not require the assembly of all members of the 
organisation’s Emergency Team. 

c. Field exercises are the most complicated type of emergency scenario. They test information flow and 
decision-making under realistic conditions. During a field exercise, all members of the organisation’s 
Emergency Team should be assembled and a Command Post should be established ). The organisation’s 
staff may be involved in response activities and on-site investigations may be performed, depending on 
the characteristics of the scenario. 

5. Setting up the exercise 
a. Isthis a static, telecommunications or field exercise? 

Plan a schedule of exercises. 

Create a scenario, and a sequence of events. 

Identify the information needs of the group, and plan appropriate cues. 

Review the scenario, sequence of events and cues to determine the appropriate responses of the 

organisation’s Emergency Team. If the team does not earn the information required to keep the exercise 

on track, the facilitator may interrupt the exercise when it is appropriate and provide the required 
information. The problem in the exercise or in team responses should be reviewed later. 

f. Identify any control or safety requirements. 

Identify staff requirements. 

Identify resource requirements: 

i. Assemble maps showing all facilities 

ii. Obtain all necessary forms 

iii. Gather an adequate number of emergency plans 

iv. Set up a meeting room with a blackboard or a whiteboard, an overhead projector, a flip chart, 
communications tools (radios, telephones, fax, computers), and any other requirements. 

v. Create message cues, and determine how they will be delivered. 

i. Plan site preparation and clean-up. 

j. Plan debriefing. 

6. Explain the expectations of the exercise. Note that this is a friendly exercise, designed to be used to determine 
the adequacy of emergency management tools and training, rather than as a test of individual member’s 
performance. 

7. Give the participants instructions: 

a. You will be given a scenario, with necessary information at the outset. Your actions will determine what 
additional information you obtain. 

b. Use appropriate procedures and other documentation. 

Document your actions and fill out applicable forms. 

d. Plan response activities with the assumption that adequate staff and resources are available. Document 
your intended responses. 

e. Do not operate equipment. 

Be careful to always indicate on papers and in oral communications that ‘this is a drill.’ 

g. Communications with outside groups, including the public, media and staff who are not involved in the 
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emergency scenario should be simulated by contacting the facilitator. 

8. Perform the exercise. 
9. Immediately debrief all participants. 

a. Assess the success of the exercise and make recommendations for improvements. 
Recommend changes to the emergency plan. 
Recommend changes to task allocation among the organisation’s Emergency Team Members. 
Evaluate the effectiveness of communications among the organisation’s Emergency Team members. 
Evaluate the effectiveness of decision-making of the organisation’s Emergency Team. 
Evaluate the effectiveness of communications with other agencies (if applicable). 
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4 Resilience 


In the event of a credible warning or threat of a potentially serious incident or circumstance, the organisations’ 

Emergency Team should be informed immediately. The team may decide to activate the Emergency Plan 

Alternatively, the team may prefer to remain in an alert condition. During an alert situation the buinsess 

operations may be changed, and the team should be kept informed of changes in circumstances, , for example as 

follows for a water utility - but formal implementation of the plan is not required 

Example of Water Utility - Ensuring maximum resilience in the system 

1. Ensure maximum resilience in the system. This may involve increasing the amount of water in storage by 
filling reservoirs and towers, switching operations to generator power, implementing water use restrictions , 
etc. 

2. Consider implementing precautionary water-use restrictions. 

3. Consider shutting down or increasing monitoring of sources or areas of the distribution system that may be 
affected by the incident. 

4. Determine whether to isolate areas of the system or turn off non-critical sources. 

5. Prepare for the loss of electrical power or telephone lines. Do computerized control systems operations need 
to be altered? Should operations be set to manual mode in anticipation of loss of phone systems or failure of 
computerized control systems? 


5 Simplified Assessments 


The aim of hazard identification is to identify all relevant potential causes of harm to people, damage to the 
environment and damage to property. Once hazards are identified they can be assessed and if necessary avoided, 
prevented or controlled. 


Hazard identification techniques used should be: 


Formalised: The hazard identification should be carried out according to a documented procedure. 

Thorough: The hazard identification process should be complete within a boundary, which should be defined 
beforehand. 

Repeatable: Experienced personnel carrying out the same hazard identification exercise should furnish similar 
results. 

Structured: The procedure used should ensure that adequate attention is given to all parts of the plant, procedures 
or other items under study and that nothing is missed. 


The technique selected for a particular application should take account of the specific requirements of that 
application, especially the end use of the hazard identification process. 

The output of the hazard identification process should be followed up to ensure that risks are assessed and control 
measures implemented as appropriate. Typically, a hazard identification type study will result in a series 

of actions such as the requirement to: 


e Modify the design of plant. 
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e Modify operational procedures. 

e Modify maintenance procedures. 

e Evaluate the need for modifications to plant, procedures or maintenance activities. 
e Carry out more detailed assessments. 


An appropriate action tracking system should be used to ensure that all actions are carried out and closed out ina 
timely fashion, including further actions and recommendations that may result from detailed studies. The action 
tracking system should record all data necessary to ensure that the action is properly closed out including: 


As part of the preparedness for emergency response planning also the understanding of hazards should be clear 
with the associated use of the Management Information System ( MIS ) — where accessing data and other 
information from the MIS will mean that the data is current and common to all users. It follows that data held on 
the MIS for the hazards applicable to the business unit should be accurate and current and that hardware is 
available so that those who require the data, can freely access the MIS. 

Hazards can be classified regarding their causes and consequences — further example is provided in the Appendix 1 


Causes Consequences 


Customer non-satisfaction 
Legal prosecution / fees 


Deviation from: 

- Customer expectations; 
- Regulatory Rules; 

- Business policies. 


Quality management 


Hazardous situation 
Unsafe practices 


Health and Safety 
Management 


Injury or diseases for: 
- Employees 

- Contractors 

- Customers 


Environment protection Environment pollution or damages 


A simplified approach can be as follows with example taken for a water utility company, where the risk rating would also effect 
the escalation and level of management involvement 


Probability —________L_y 


Severity —— >» 


Where High Probability and High Severity = 


High 


Moderate 


Low 


High — Crisis 


High probable events 
for area or region 


Vandalism or terrorism 
Chemical spills 
Microbial contamination 


Earthquake 


Moderate - Disruptive 


Failure of a delivery 
main 


Severe winter weather 


Large fire 


Low -Manageable 


Construction accident 
Failure of IT systems 


High risk 
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and Low Probability and Low Severity =Low risk 


Definitions of severity 


Severity level 


Severity Indicators 


Example ( for water utility ) 


Level 0: No adverse affect upon the ability of the business to No impact to customers at 
An maintain a normal service to customers. all 
Incident 
Low - a.Customers/public may be affected but no widespread Destruction, malfunction or 
Manageable consequences and incident can be managed by local staff; | failure would have no 
b. There is adequate storage capacity to see the immediate effect on 
emergency through or additional water could be made service operations or 
available from other sources; resources. (Financial 
c. No adverse public reaction is expected; Impact) - These items 
d. Unsatisfactory water quality sample from local area; would affect the availability 
e. Low security threat. of water, but would not 
affect essential uses of 
water. For example, loss of 
some water supplies could 
lead to the need for 
reducing water demand, 
but not to the extent that 
would lead to serious 
impacts upon consumers. 
Moderate - a. Widespread affect on the organization ability to Destruction, malfunction or 
Disruptive maintain a service with adverse consequence to the failure while not 
public; immediately affecting 
b. Due to the complexity of the incident, access problems | emergency operations 
or availability of spare parts etc., the duration of the could affect public safety 
emergency is likely to be such that water storage function, resources and 
volumes will be seriously depleted with consequential public services in the short 
expansion of the area initially affected; or long term. (Service 
c. Critical customers are affected and media attention can | Disruption) The 
be expected; infrastructure in this 
d. Medium security threat; category could affect water 
availability (due to 
shortage, or water 
distribution problems) in 
areas of the city, but the 
situation is not severe 
enough to affect public 
health or safety. 
High - Critical a. An incident that will cause severe public reaction with Destruction, malfunction or 


potential serious affect upon the business image and 
reputation. 

b. High level security threat; 

c. Anon organisation related incident that has serious 
consequences 

At this level also an emergency might develop into, or 
immediately be a “crisis”. Such events are rare but may 
occur. Such incidents by their nature would normally also 
be too great for the business to tackle alone. 


failure of these items 
would have an immediate 
effect on emergency 
operations and public 
services. The critical 
infrastructure of an 
organisation represents 
those components of the 
infrastructure which if 
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They would in all probability require the assistance of the 
outside agencies ( eg police , military etc ) and would be 
tackled at regional, if not national level. 


destroyed or seriously 
damaged could for 
example contribute to a 


severe water shortage, lead 
to an inability to maintain 
sewage lift or treatment 
operations, seriously affect 
drinking water distribution 
or alternatively affect the 
availability of water for 
fighting fires 


An alternative more sophisticated approach would be to utilize methodological tools such as the Ishikawa diagram 
(also known as the 6M Methodology: Manpower, Material, Method, Milieu, Machine, Measurement). 
The criticality of a risk is defined as C=Lx$ 


Severity 
Low Medium High Very high 
ə Permanent High High Extreme Extreme 
= Frequent Moderate High Very high Extreme 
= Occasional Moderate Moderate High Very high 
Unlikely Low Moderate High Very high 
Rare Negligible Low Moderate High 


The likelihood means the probability for a hazard to occur. It can be evaluated regarding the following table 


Frequency Likelihood Rating 
Once a day Permanent 5 
Once a week Frequent 4 
Once a month Occasional 3 
Once a year Unlikely 2 
Rare 1 


The severity of a hazard means the seriousness of its consequences if it occurs. 


Consequence 
Quality Health & Safety Environment Severity Rating 
Deviation from regulatory Death Irreversible effects or wide area Very high 4 
rules impacted (more than 1km ) 
Deviation from international | Irreversible effect Long-term reversible effects, High 3 
standards Impact area around one hundred 

meters 
Deviation from the Accident with work | Short term reversible effects. Medium 2 
organization’s leave - reversible Impact area around ten meters 
Policies effects 
Deviation from Minor injuries, Negligible impact Low 1 
Site / company rules without work leave 
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For risk whose criticality is rated beyond 8, the risk control level shall be assessed. 
It is calculated by the formula Ct = Mt x Mn 

Where: 

Mt means the mitigation of the risk 

Mn means the monitoring of the risk 


Mitigation Rate Rating 
No mitigation measure. Very low 4 
few mitigations actions currently exists Low 3 
Every mitigation action is undertaken High 2 
Every mitigation action is undertaken, tested with records of the results and enhanced if | Very high 1 
needed. 

This criterion evaluates the monitoring of the risk. It could include either technical equipment 

(probes, detectors...) or management scheme (legal review...). 
Monitoring Rate Rating 
No monitoring system.. Very low 4 
A few monitoring systems currently exists Low 3 
Every monitoring system is implemented High 2 
Every monitoring system is implemented, tested with records of the results and Very high 1 


enhanced if needed.. 


Once the risk are assessed and their criticality and level of control are calculated, the global risk level can be 


calculated by RL=C x Ct. 


The final ranking according to the Global Risk Level will highlight the risks that should be tackled in priority. 
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Appendix : Risk Assessment Matrix 


Risk Assessment Risk Control Ranking | Related Comments 
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In the above example there may be additional or alternative codes to suit the business applications — for example 


Processes / subprocesses involved 


AM Asset Management 


CD Capital Delivery 


CS Customer Services 


ICT Information and Communication Technologies 
ISS Industrial Security and Safety 
OM Operating and Maintenance 
P&C Procurement and Contracts 
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Causes 


Mgmt Management (involvement, distribution of information...) 
Mnpw Manpower (skills, knowledge...) 

Mthd Methods (procedures, Guidelines...) 

Eqpt Equipment (gears, tools, devices) 

Mat Material (raw product, data, environment...) 


Consequences 


Emp H&S Employee health and safety 
Cont H&S Contractor health and safety 
Cust H&S Customer health and safety 
Asset dmg Asset damages 

Env. Environmetal pollution 

Leg. Legal prosecution 

Fin. Financial loss 


Criticality 
L Likelihood 


1 Rare 

2 Unlikely 
3 Possible 
4 Likely 

5 Certain 


S Seriousness of consequences 
1 negligeable 
2 Marginal 


3 Critical 
4 Catastrophic 
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SECTION 6: RISK REVIEW CHECKLISTS 


1 Introduction 


Webster’s New Collegiate Dictionary defines sustainable as “maintain, or cause to continue, in existence or a 
certain state.” The word ‘sustainable’ is now used to define a world that is able to “maintain in existence” all life 
that now exists. To attain that goal, human activities will need to change. With respect to the utility sector this 
means the efficient and economic use of the utilities without losses or upsets In a related vein, inherently safer 
processing addresses the need to prevent catastrophes that not only pose immediate danger, but also can result in 
environmental contamination. The challenge is therefore to have the sustainable processes that not only meet the 
definition above, but that are also profitable, meet or exceed regulations, satisfy customers needs, maintain 
support from the customers, and fulfill the capacity building and institutional strengthening needs of the 
organization 


The International Process safety Group (IPSG) and the AlChemE Center for Chemical Process Safety (CCPS) have 
published a working definition of Inherent Safety Design which will be applied in this section to the review 
checklists as a general means of risk mitigation as well . There are the following four key words for mitigations. 
Decision for the mitigation measures may quite often be dependant upon further studies eg modeling, further 
sampling and analysis , trials etc — but the below checklist provides an indicative start towards assessing the risks in 
your working places 


Minimize: (or intensify): eg reducing the period of risk or for example in the case of use of hazardous chemicals 
using smaller quantities 

Substitute: eg changing the working conditions or O &M parameters which the risk is exposed to — or for example 
using less hazardous materials, processes, conditions. 

Moderate: (or attenuate):reduce risk conditions through change in O & M, design conditions or in the case of 
chemicals using less hazardous conditions of forms of substance. 

Simplify: eliminate unnecessary complexity, “user friendly” plants or design processes that eliminate unnecessary 
complexity and are tolerant to human error. In this case it should also be noted that the use of Human 
Factors/Ergonomics is defined as the systematic process of designing for human use through the application of our 
knowledge of human beings to the equipment they use, the environments in which they operate, the tasks they 
perform, and the management systems that guide the safe and efficient operations . Keeping it simple, stupid’, 
whether in design or operation, is general seen as key to encouraging good human performance. However, the 
disadvantage of the simplification concept is that it can engender boredom, which can result in errors. In this 
respect ensuring operators are involved earlier in plant design and modification is important as is also ensuring 
control rooms and systems were are designed with ergonomic and practical issues for the optimization of O& M 
activities including issues such as validation of data inputs, screens and graphics, ‘alarm flooding’, simplicity and 
consistency. Simulations in operator rooms might be used for emergency situations. 


The below checklists are intended to be a representation only and not an exhaustive or comprehensive list. The 


below is intended to show the reader the need to develop a unique checklists for review, auditing and verification 
based upon site or business specific needs 
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2 General Example of Global Checklists 


Requirement 


Y/N 


Comments 


Minimize 


Substitute 


Moderate 


Simplify 


1.0 General Health & Safety Management 


1.1 Accidents, Diseases and Dangerous Occurrences 


Are accident and incident reporting systems in place 
for all contractors and sub-contractors? 


Are all accidents reported and investigated? 


Are recommendations from accident investigations 
and audits properly implemented? 


1.2 General Safety Management 


Has a health and safety policy statement been 
prepared and is it displayed on site? 


Have site rules been prepared and implemented? 


Has a system for monitoring compliance with Site 
health & safety requirements been implemented? 


Is there a permit to work system in operation? If 'yes', 
is it operating satisfactorily? 


Does the business audit compliance with ISO/OSHA 
HSE requirements? 


Has the issue of a multi-lingual site been adequately 
addressed? 


Are safety signs and notices displayed in appropriate 
languages, so as to be readily understood by all 
persons on site? 


Is there a regular Site HSE safety meeting? Do 
representatives from all contractors and cub- 
contractors attend? 


Have separate pedestrian and vehicle access points 
and routes around the site been provided? If not, are 
vehicles and pedestrians kept separate wherever 
possible? 


Have one-way systems or turning points been 
provided to minimise the need for reversing? 


Where vehicles have to reverse, do properly trained 
banks men control them? 


1.4 General Personnel Safety and Training 


Has suitable protective equipment, e.g. hard hats, 
high visibility clothing, fall arrest harnesses, overalls, 
safety boots, gloves, eye protectors, respiratory 
protection equipment and life jackets been provided 
where appropriate? 


Is the equipment in good condition and worn by all 
who need it? 


Do appropriate items of the PPE supplied (e.g., hats, 
overalls) clearly identify the employer? 


Has suitable protective equipment, e.g. hard hats, 
high visibility clothing, fall arrest harnesses, overalls, 
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safety boots, gloves, eye protectors, respiratory 
protection equipment and life jackets been provided 
where appropriate? 


Have suitable toilets been provided and are they kept 
clean? 


Is suitable clothing provided for those who have to 
work in wet, dirty or otherwise adverse conditions? 


Does the facility have a chemical safety specific 
training program on safe use and handling of chlorine 
that is documented for employees, new hires, 
contractor. 


Are accidents and incidents investigated and reviewed 
with operating personnel 


Is a current MSDS available for all chemicals used 


Are warning signs, Chemical Safety Wall Charts, 
and/or other safety information used and visible 


Does the facility have a Personnel Protective 
Equipment (PPE) policy for chemical loading and 
unloading? 


Does the facility have a policy for respiratory 
protection in all aspects of chemical handling and 
emergency response? 


Are safety showers and eyewash stations adequately 
located and easily accessible from all areas of the 
unloading site? 


Are the safety showers and eyewash stations 
periodically inspected for proper operation? 


Are there facilities for changing, drying and storing 
clothes? 


Is drinking water available? 


Is there a site hut or other accommodation where 
workers can sit, make tea and prepare food? 


Are welfare facilities easily and safely accessible to all 
who need to use them? 


1.4 Protection of the Public 


Are the public fenced off or otherwise protected from 
the work? 


At the end of the working shift: 


Is the site secured? 


Is the perimeter fencing secure and undamaged? 


Are all ladders removed or their rungs boarded so that 
they cannot be used? 


Are excavations and openings securely fenced? 


Is all plant immobilised to prevent unauthorised use? 


Are materials safely stacked? 


Are flammable or dangerous substances locked away 
in secure storage places? 


2.0 Training 


Has an induction programme been established? 


Have all persons working on the site been inducted? 


Is specific training given on specialist health & safety 
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issues related to the site? 


Are toolbox talks an established part of the work 
arrangements? 


3.0 Good Housekeeping 


Are all working areas and walkways level and free 
from obstructions such as stored material and waste? 


Is the site tidy and are materials stored safely? 


Are there proper arrangements for collecting and 
disposing of waste materials? 


Is hazardous waste kept separate from general waste? 


4.0 Fire First Aid & Emergency Provision 


Has the workforce been properly advised as to how 
and where to raise the alarm and call for assistance? 


Does the alarm system consider the difficulties of 
language when raising the alarm? 


Is the alarm tested at weekly intervals? 


Does the site test emergency and evacuation 
procedures? 


Are portable fire extinguishers provided at 
appropriate points? 


Are portable fire extinguishers inspected regularly? 


Is there a procedure for replacing ‘used' fire 
extinguishers? 


Are appropriate persons trained in the use of fire 
extinguishing equipment? 


5.0 First Aid 


In the event of an accident, are steps taken to protect 
casualties from further harm? 


Is First Aid and medical treatment facilities, including 
trained personnel, provided on site? 


Are records of all treatment and injuries maintained? 


Is the workforce aware of how to obtain first aid or 
medical treatment? 


6.0 Emergency Response 


Is there a site emergency response plan (ERP) that is 
up to date and reviewed annually? 


Have emergency responders received training and if 
so is this training satisfactory ? 


Are periodic drills performed by emergency 
responders? 


Are the appropriate emergency kit(s) on-site, 
complete, inspected, and located in an appropriate 
location? 


Is the emergency responder equipment (BA, suits, 
etc.) inspected regularly and maintained in suitable 
condition? 


Are wind socks or other means of determining wind 
direction appropriately located and easily visible from 
all areas of the plant? 


Has the facility assessed the need for process and 
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perimeter monitoring, and implemented as 
appropriate? 


Have emergency procedures been developed, e.g. 
evacuating the site in case of fire or rescue from a 
confined space? 


Are workers aware of the procedure? 


Is there a means of raising the alarm and does it 
work? 


Are there adequate escape routes and are they 
maintained? 


Is there a site emergency response plan 
(ERP) that is up to date and reviewed annually? 


Have emergency responders received 
training and if so is this training satisfactory ? 


Are periodic drills performed by emergency 
responders? 


Are the appropriate emergency kit(s) on-site, 
complete, inspected, and located in an appropriate 
location? 


Is the emergency responder equipment (BA, suits, 
etc.) inspected regularly and maintained in suitable 
condition? 


Are wind socks or other means of determining wind 
direction appropriately located and easily visible from 
all areas of the plant? 


Has the facility assessed the need for 

process and perimeter chemical residue monitoring, 
and implemented as appropriate both in the 
workplace and on the perimeters ? 


Is there a site emergency response plan (ERP) that is 
up to date and reviewed annually? 


Have emergency responders received training and if 
so is this training satisfactory ? 


Are periodic drills performed by emergency 
responders? 


Are the appropriate emergency kit(s) on-site, 
complete, inspected, and located in an appropriate 
location? 


Is the emergency responder equipment (BA, suits, 
etc.) inspected regularly and maintained in suitable 
condition? 


Are wind socks or other means of determining wind 
direction appropriately located and easily visible from 
all areas of the plant? 


Has the facility assessed the need for process and 
perimeter monitoring, and implemented as 
appropriate? 


7.0 Safe Means of Access 


7.1 Safe Places of Work 


Can everyone reach their place of work safely, i.e. are 
roads, gangways, passageways, passenger hoists, 
staircases, ladders, scaffolds and other access 
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equipment in good condition? 


Are there guard rails, equivalent protection or other 
control measures in place to stop falls from open 
edges, e.g. scaffolds, mobile elevating work platforms, 
buildings, gangways, excavations, etc.? 


Are holes and openings securely guard railed, provided 
with an equivalent standard of protection, or provided 
with fixed, clearly marked covers to prevent falls? 


Where it is essential to work at an open edge is the 
opening fenced as far as possible and is safety 
harnesses used by operatives? 


Are structures stable, adequately braced and not 
overloaded? 


Are all working areas and walkways level and free from 
obstructions such as stored materials and waste? 


Is the site tidy, and are materials stored safely? 


Are there proper arrangements for collecting and 
disposing of waste materials? 


Is the work area adequately lit? Is sufficient additional 
lighting provided when work is carried on after dark or 
inside buildings? 


7.2 Scaffolds 


Are scaffolds erected, altered and dismantled by 
competent persons? 


Is there safe access to the scaffold platform? 


Are all uprights provided with base plates (and, where 
necessary, timber sole plates) or prevented in some 
other way from slipping or sinking? 


Are all uprights, ledgers, braces and struts in position? 


Is the scaffold secured to the building in enough places 
to prevent collapse? 


Are there adequate guardrails and toe boards or an 
equivalent standard of protection at every edge from 
which a person could fall 2m or more? 


Where guard rails and toe boards or similar are used: 


Are the toe boards sufficiently high (at least 150 mm)? 


Is the upper guardrail positioned at a suitable height 
(at least 910mm) above the work area? 

Are additional precautions, e.g. intermediate 
guardrails or brick guards in place to ensure that there 
is no unprotected gap of more than 470mm between 
the toe board and upper guardrail? 


Are the working platforms fully boarded and are the 
boards arranged to prevent tipping or tripping. 


Are there effective barriers or warning notices in place 
to stop people using an incomplete scaffold, e.g. one 
that isn’t fully boarded? 


Has the scaffold been designed and constructed to 
cope with the materials stored on it and are these 
distributed evenly? 


Does a competent person inspect the scaffold 
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regularly, i.e. at least once a week; always after it has 
been substantially altered and following extreme 
weather? 


Are the results of inspections recorded? 


If it is not reasonable to provide a scaffold or 
alternative safe means of access where persons may 
fall more than 2 metres, are safety harnesses etc. 
used? 


7.3 Powered Access Equipment 


Has the equipment been erected by a Competent 
Person? 


Is fixed equipment, e.g. mast climbers, rigidly 
connected to the structure against which it is 
operating? 


Does the platform have adequate guardrails and toe 
boards or other barriers to prevent workers and 
materials falling off? 


Have precautions been taken to prevent people being 
struck by the moving platform, projections from the 
building or falling materials, e.g. a barrier or fence 
around the base? 


Are the operators trained and competent? 


Is the power supply isolated and the equipment 
secured at the end of the working day? 


7.4 Ladders or similar means of access 


Are ladders the right means of access for the job? 


Are they secured to prevent them slipping sideways or 
outwards? 


Do ladders rise about 1m above their landing places? If 
not, are there other handholds available? 


Are the ladders positioned so that users don’t have to 
over-stretch or climb over obstacles at work? 


Are all ladders in good condition? 


7.5 Roof Work 


Are there enough barriers or is there other edge 
protection to stop people or materials falling from 
roofs? 


Do the roof battens provide safe hand and foot holds? 
If not, are crawling ladders or boards provided and 
used? 


During industrial roofing, are precautions taken to stop 
people falling from the leading edge of the roof or 
from thin or partially fixed sheets, which could give 
way? 


Are suitable barriers, guardrails or covers, etc. 
provided where people pass or work near fragile 
material such as asbestos cement sheets and glass or 
near roof lights? 


Are crawling boards provided where people must work 
on fragile roofs? 


Are people excluded from the area below the roof 
work? If this is not possible, have additional 
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precautions been taken to stop debris falling onto 
them? 


8.0 Hot Work & Fire Prevention 


Are method statements presented to a Site HSE Officer 
before commencing work on or adjacent to plant 
containing flammable substances? 


Is the quantity of flammable material on site kept to a 
minimum? 


Are there proper storage areas for flammable liquids 
and gases, e.g. LPG, acetylene, solvents, paint 
thinners? 


Are containers and cylinders returned to these stores 
at the end of the shift? 


If liquids are transferred from their original containers 
are the new containers suitable for flammable 
materials? 


Is smoking banned in areas where gases or flammable 
liquids are stored and used? Are other ignition sources 
also prohibited? 


When gas cylinders are not in use, are the valves fully 
closed? 


Are adequate bins or skips provided for storing waste? 


Are cylinders kept safely upright? 


Are gas cylinders stored outdoors when not in use? 


Where gas cylinders are connected to heaters or 
cookers in temporary buildings, are the cylinders kept 
outside the building? 


Is flammable waste regularly removed? 


Are the right number and type of fire extinguishers 
available and accessible? 


Are work areas inspected one hour after completion of 
welding / burning activities? 


Are adjacent work areas protected during hot work by 
the use of screens or mats? 


Are workers using appropriate PPE during hot work 
operations? 


9.0 Site Electrical Supplies 


Is the supply voltage for tools and equipment the 
lowest necessary for the job (could battery operated 
tools, reduced voltage tools, e.g. 110V or lower in wet 
conditions, be used)? 


Where mains voltage has to be used, are trip devices, 
e.g. residual current devices (ELCBs) provided for all 
equipment? 


Are ELCBs protected from damage, dust and dampness 
and checked daily by users? 


Are cables and leads protected from damage by 
sheathing, protective enclosures or by positioning 
away from causes of damage? 


Are all connections to the system properly made and 
are suitable plugs used? 
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Is there an appropriate system of user checks, formal 
visual examinations by site managers and combined 
inspection and test by competent persons for all fixed 
& portable tools and equipment? 


Are scaffolders, roofers, etc. or cranes or other plant, 
working near or under overhead lines? Has the 
electricity supply been turned off, or have other 
precautions such as ‘goal posts’ or taped markers been 
provided to prevent them contacting the lines? 


Have underground electricity cables been located 
(with a cable locator and cable plans), marked, and 
precautions for safe digging been taken? 


Are all installation, modification and maintenance 
work carried out only by trained and competent 
persons? 


Does the installation include high standards of 
electrical insulation? 


10.0 Special Processes & Procedures 


10.1 Confined Spaces 


Has a system for safe working in confined spaces been 
established, e.g. permit for work system? 


Are suitable steps taken to ensure that confined 
spaces are vented and purged of toxic, flammable and 
asphyxiating gases? 


Have workplaces in which gases, vapours or fumes 
could accumulate or a shortage of oxygen could arise 
been recognised and clearly identified? 


Does a competent person sign a declaration that an 
area is safe to enter prior to work commencing? 


Are guards positioned at all points of access whilst 
work is being carried out in confined spaces? 


10.2 Excavations 


Is an adequate supply of timber, trench sheets, props 
or other supporting material made available before 
excavation work begins? 


Is this material strong enough to support the sides? 


Is a safe method used for putting in the support, i.e. 
one that does not rely on people working within an 
unsupported trench? 


If the sides of the excavation are sloped back or 
battered, is the angle of batter sufficient to prevent 
collapse? 


Is there safe access to the excavation, e.g. by a 
sufficiently long, secured ladder? 


Are there guardrails or is there other equivalent 
protection to stop people falling in? 


Are properly secured stop blocks provided to prevent 
tipping lorries falling in? 


Does the excavation affect the stability of 
neighbouring structures? 


Are stacked materials, spoil or plant stored near the 
edge of the excavation likely to cause a collapse of the 
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side? 


Does a competent person at the start of every shift 
inspect the excavation; and after any accidental 
collapse or event likely to have affected it’s stability? 


Is a suitable system of formal control of excavations in 
place? Is this procedure followed for all excavations? 


11.0 Chemicals and Hazardous Substances 


Have all harmful materials, e.g. asbestos, lead, 
solvents, paints, etc. been identified? 


Have the risks to everyone who might be exposed to 
these substances been assessed? 


Are method statements produced for all work 
involving removal or installation of thermal insulation 
material? 


Have precautions been identified and put in place, e.g. 
is protective equipment provided and used; are 
workers and others who are not protected kept away 
from the exposure? 


Are proper storage facilities allocated and used? 


12.0 Noise 


Are breakers and other items of plant or machinery 
fitted with silencers? 


Are barriers erected to reduce the spread of noise? 


Is work sequenced to minimise the number of people 
exposed to noise? 


Are others not involved in the work kept away? 


Is ear protection provided and worn in noisy areas? 


What are the maximum permissible noise levels 
adjacent to the construction site? 


Are controls set up to monitor noise levels adjacent to 
the construction site? 


13.0 Radiography 


If appropriate have procedures for the control and safe 
use of radiation generators or radioactive sources 
been produced? 


Is the procedure properly implemented when 
radiography is carried out? 


14.0 Work Equipment & Safe Working Practises 


14.1 Compressed Air 


Have all workers been trained in the correct use of air- 
operated tools? 


Have the dangers of directing compressed air at the 
body been highlighted to the workforce? 


Are heavy-duty hose clamps used? 


Are quick-acting couplers, designed to seal upstream 
air pressure on disconnection and slowly vent on the 
downstream side, used? 


Are hoses kept clear of walkways/roadways? 


Is regular maintenance of equipment, including safety 
devices carried out? 
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14.2 Manual Handling 


Are hoists, telehandlers, wheelbarrows and other plant 
or equipment used so that manual lifting and handling 
of heavy objects is kept to a minimum? 


Are materials such as cement ordered in appropriate 
size bags for safe manual handling? 


Can the handling of heavy blocks be avoided? 


14.3 Hoists 


Is the hoist protected by a substantial enclosure to 
prevent someone from being struck by any moving 
part of the hoist or falling down the hoist way? 


Are gates provided at all landings? 


Are the gates kept shut except when the platform is at 
the landing? 


Are the controls arranged so that the hoist can be 
operated from one position only? 


Is the hoist operator trained and competent? 


Is the hoist’s safe working load clearly marked? 


If the hoist is for materials only, is there a warning 
notice on the platform or cage to stop people riding on 
it? 


Is the hoist inspected weekly, and thoroughly 
examined every six months by a competent person? 


Are the results of inspections recorded? 


14.4 Cranes and Lifting Equipment 


Is the crane on a firm, level base? 


Are the safe working loads and corresponding radii 
known and considered before any lifting begins? 


If the crane has a capacity of more than one tonne, 
does it have an efficient automatic safe load indicator 
that is inspected weekly? 


If an excavator is used as a crane, does it have the 
necessary check valves and is its maximum safe load 
clearly marked? 


Are all drivers trained and competent? 


Have the banksman and slingers been trained to give 
signals and to attach loads correctly? 


Do the driver and banksman find out the weight and 
centre of gravity of the load before trying to lift it? 


Are cranes inspected weekly, and thoroughly 
examined every 12 months by a competent person? 


Are the results of these inspections recorded? 


Does the crane have a current test certificate? 


Has a Lifting Plan for carrying out heavy lifting 
operations been prepared? Is this plan implemented 


Are areas where lifting operations are taking place 
clearly identified? Are unauthorised persons excluded 
from this area? 


Is lifting equipment kept under strict control? 


Is the SWL and unique identity marked on every item 
of lifting equipment? 
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Is there proof of inspection/certification of all lifting 
equipment? 


15.0 Plant and Machinery 


Are all dangerous parts, e.g. exposed gears, chain 
drives, projecting engine shafts, guarded? 


Are guards secured and in good repair? 


Is the machinery maintained in good repair and are all 
safety devices operating correctly? 


Are operators trained & competent? 


16.0 Hand and Power Tools 


Are the correct tools provided and used properly for 
each task? 


Are regular checks of tools carried out to ensure that 
they are in good condition? 


Are steps taken to ensure that untrained persons do 
not use tools? 


When cartridge operated tools are used, are method 
statements made available to the HSE Officer? 


Are home made tools only used after authorisation by 
a competent person? 


17.0 Vehicles 


Are vehicles maintained? Are maintenance records 
available? Do the steering, handbrake and footbrake 
work properly? 


Have drivers received appropriate training and do they 
hold written authorisation for the type of vehicle? 


Are site vehicles locked when not in use? 


Are vehicles, which operate inside buildings fitted with 
both visual and audible warning devices? 


Are vehicles securely loaded? 


Are passengers prevented from riding in dangerous 
positions? 


18.0 Working near water 


Have appropriate controls, e.g. barriers, warning signs, 
been erected to warn workers of open water? 


Do persons working on or over water use life jackets & 
safety lines or safety nets? 


Are buoyancy aides provided where a high risk of 
individuals falling into water exists? 


Is a safety boat provided downstream of work over / 
on rivers? 


Have supervisors and persons who work on, over or 
adjacent to water received appropriate training? 


Are boats and vessels suitable for purpose? 


Is there a suitable emergency procedure and adequate 
back up? 


19 Containers Securement / Preparation 


Are gas detectors present in packaging and process 
areas that are interfaced into an alarm system with 
appropriate detection limits being utilized for the 
alarm set points? ( if applicable ) 
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Are cylinders and ton containers segregated between 
full and empty? ( if applicable ) 


Are full ton containers stored so that each end is 
accessible in case a repair is needed? ( if applicable ) 


Are written operating procedures available and being 
utilized by employees that address the appropriate 
steps for evacuating and filling cylinder and ton 
containers? ( if applicable ) 


Do procedures exist for testing for leaks prior to 
filling each cylinder and ton container? ( if applicable 


) 


Do procedures exist for proper evacuation of lines 
before disconnecting? 


Do procedures exist for inspection and change out of 
valves? ( if applicable ) 


Do procedures exist for appropriate torque settings 
of valves and packing nuts? ( if applicable ) 


Do procedures exist for proper labeling and marking 
of cylinders and ton containers? ( if applicable ) 


Are ton containers secured to prevent them from 
rolling? ( if applicable ) 


Are appropriate lifting devices being utilized to move 
ton containers? ( if applicable ) 


Are gas detectors present in packaging and process 
areas that are interfaced into an alarm system with 
appropriate detection limits being utilized for the 
alarm set points? ( if applicable ) 


Do facility procedures verify that delivery vehicles are 
properly placarded with the Hazchem system 


Is lighting or emergency lighting provided to allow for 
safe operation and emergency response? 


Is a checklist or other procedure used to 
assist with the performance of pre- unloading, post 
unloading, and prerelease inspections? 


Are workers performing higher risk activities like line 
breaks or disconnections being appropriately 
monitored? 


Are unloading lines and air padding lines purged, 
evacuated, disconnected, and capped immediately 
when not in use to minimize moisture entry into the 
piping system? 


Are piping leak checks conducted prior to unloading ( 
if applicable ) 


Do operating procedures require leaks to be repaired 
before allowing operations to begin or continue? 


Are liquid angle valves completely open when 
unloading is in progress? ( if applicable ) 


If the container is disconnected, lines capped, and 
protective housing cover closed and sealed after 
unloading has ceased for the day? ( if applicable ) 


Are piping connections purged to a scrubber or VOC 
containment, process application, or containment 
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prior to piping disconnection? ( if applicable ) 


Are all the staff ( including labourers ) involved in 
unloading the fuel or chemicals from the delivery 
vehicles trained 


Is PTFE tape or non-reactive pipe dope used on 
threaded connections? ( if applicable ) 


Are procedures in place to prevent PTFE tape from 
interfering with angle valve closure? ( if applicable ) 


Have lubricants being used in the chemical handling 
been confirmed to be compatible 


Is there a remotely operated or automatically 
actuated emergency shutoff valve system in place 
which can safely isolate both ends of transfer 
hoses / flexible piping? ( if applicable ) 


Is the emergency shut-off system tested routinely? 


Are there shutoff valves on both sides of transfer 
hoses 


20 Process Piping 


Do piping and all components comply with 
recommendations of such as metallurgy, schedule, 
welding requirements, etc? 


Are all hoses in contact with fuel or chemicals tested 
or replaced on a preventive maintenance basis? 


Is the piping system adequately supported / braced 
with pipe shoes or other support ? 


Is the piping system protected from vehicular traffic? 


Is new or replacement piping properly cleaned and 
inspected ? 


Are the gaskets used compatible 


21 Underground Piping 


Is underground piping system continuously 
monitored for leaks? How? 


Has cathodic protection, used for underground 
piping, been considered? 


22 Building Systems 


Is there potable gas monitors for monitoring of areas 
within and around the building for gas leaks - ( if 
applicable ) (are there alarms, warning lights)? 


All facilities having leakage test kit (e.g. ammonia, 
water and swabs or other acceptable detector) to be 
provided in clearly marked locations 


Is sufficient and appropriate ventilation provided (i.e. 
reference to be made to NIOSH standards) 


What are the safety systems in place such as 
pressure type switch located on the doors to 
chlorination rooms which shall activate the exhaust 
fan automatically when the door is opened. ( if 
applicable ) 


23 VOC / scrubbing / venting systems 


Is there a means available to process vent gases and 
the emergency evacuation of equipment containing 
Gas ? ie Maintaining safe vent conditions 
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Is the venting design based upon the worst case 
Preventing fires, explosions, and toxic releases 


Is the system clear for understanding normal process 
operations, such as intentional routine controlled 
venting and emergency operations, like overpressure 
relief 


Does the system mitigating the impacts of end-of-line 
treatment devices, such as scrubbers, flares, and 
thermal oxidizers, on the vent header system 


If so does the scrubber capacity designed to process 
the facility’s most probable release scenario? 


Does the scrubber have ‘passive’ scrubbing capability 
or is it equipped with emergency stand-by power 
sources? 


Are the materials of construction Adequate 


Is the scrubbing solution either designed or 
monitored / analyzed to confirm required minimum 
capability? 


Is the scrubbing vent monitored to detect gas 
breakthrough? 


Is there adequate backflow detection 


Does the system comply with regulations 


24 Containment , Bunding and Overflow 


Is there systematic assessment of safety integrity 
level requirements ie what is the overall systems for 
tank-filling control is this of high integrity and with 
sufficient independence to ensure timely and safe 
shutdown to prevent tank overflow. Do Site 
operators meet the latest international standards 


Does the methodology of safety 

integrity level (SIL) requirements for overfill 
prevention systems take into account of the 
existence of nearby sensitive resources or 
populations; the nature and intensity of depot 
operations; realistic reliability expectations for tank 
gauging systems; and 

the extent/rigour of operator monitoring. 


Is the Protecting against loss of primary containment 
use of high integrity systems in line with the 
appropriate standards 


Does the management systems for maintenance of 
equipment and systems to ensure their continuing 
integrity in operation include, but not be limited to 
reviews of the arrangements and procedures for 
periodic proof testing of storage tank , overfill 
prevention systems to minimise the likelihood of any 
failure that could result in loss of containment; 
review of the effectiveness of equipment and 
systems in preventing loss of containment or in 
providing emergency response, high integrity, 
automatic operating overfill prevention system (ora 
number of such systems, as appropriate) that is 
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physically and electrically separate and independent 
from the tank gauging system. 


Does the overfill prevention system (comprising 
means of level detection, logic/control equipment 
and independent means of flow control) should be 
engineered, operated and maintained to achieve and 
maintain an appropriate level of safety integrity in 
accordance with the requirements of the 

recognised industry standard for ‘safety 
instrumented systems’ detection, logic/control 
equipment and independent means of flow control) — 
ie is this engineered, operated and maintained to 
achieve and maintain an appropriate level of safety 
integrity in accordance with the requirements of the 
recognised industry standard for ‘safety 
instrumented systems’ 


Is the engineering, design, operation and 
maintenance against escalation of loss of primary 
Secondary and tertiary containment in line with 
required international standards 


20 Security 


Have security guards received information and 
training of dealing with alarms or dealing with 
emergency events 


3 Sector Specific Examples 


3. 1 Wastewater Treatment Plants 


The below provides an general suggestion of checklists — It is of course very important that there should be a well 
developed and implemented emergency response plan for the site which details the plans and actions required for 


all such events 


Issue 


Y/N 


Comments 


Minimize 


Substitute 


Moderate 


Simplify 


1.0 Site Flooding 


The wastewater treatment sites can be flooded 
through a number of occurrences: 

works overflowing; heavy rainfall on the site and 
flooding from an adjacent Wadi 


works overflowing 


Minimise : Flooding caused by heavy rainfall can be 
addressed by ensuring 
the adequacy of the site drainage system, avoiding 
location of critical plant or places 
to which access is required on low ground within 
the site and, if required, by providing 
adequate pumps to lift the water from the site 
drainage system into wherever the permit for 
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drainage is discharged 


heavy rainfall on the site 


Moderate : The normal acceptable options would 
be to (i) include for the additional flow within the 
treatment capacity; (ii) provide storm water 
overflows within the collection system; (iii) provide 
specific landscaped areas to which storm water can 
be discharged or (iii) provide a storm water holding 
reservoir on the works site. 


flooding from an adjacent flood plain 


Moderate : earth bunds can be 

constructed around the works or critical plant 
raised to a height above a reasonably 
expected flood level. 


2. Loss of Power 


Moderate : ensuring adequate on-site generating 
capacity for essential plant / critical drives eg on 
site electrical standby generation with appropiate 
maintenance scheduling or arrangement with hire 
companies from whom plant and equipment such 
as mobile generators can be obtained. 

Substitute : by having two separate and 
independent electricity supplies into the Works. 


3 Pollution or Debris arriving in inlet 


Pollution may cause environmental damage , 
particularly in cases there is no storm water or 
overflow tank into which a polluted sewage can be 
safely discharged and action taken to remedy the 
matter, it could cause breach or non compliance of 
discharge limits and may make the operator liable to 
prosecution by the environmental enforcement 
agency - 


Moderate : Should the biomass be killed as a result 
of the pollution action plan for dealing with 
reformulation of the biomass through transplating 
( ie sourcing new biomass and reseeding ) and in 
cases of foaming to ensure appropriate mitigation 
measures for analysis of the foam and use of 
antifoaming measures. Remember that it is 
difficult to determine by sight if activated sludge is 
failing so that it is necessary to measure oxygen 
consumption and parameters of treatment 
performance such as MLSS, SSVI, SRT etc for a true 
ongoing understanding of performance ( this can 
include the use of on line plant SCADA systems 
and portable dissolved oxygen monitoring 
equipment ) 


a“ 


Simplify — on the basis that “prevention is better 
than cure”, ‘there should be in place a rigorous 
policy for the monitoring of industrial discharges 
into its sewers and inspections of manholes — 
automatic / early monitoring upstream of the plant 
in the incoming network for pollutants can also 
provide necessary mitigation measures early on. 
In the case of sewer cleaning operations particular 
care needs to be taken to ensure that 

debris is removed from the sewer and not, unless 
planned, allowed to pass through to the Works. 


Substitute : Redundancy or duplication of process 
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streams (ie where “spare” treatment capacity is 
available ) as dictated through the asset 
management and operation / maintenance plan. 
Note : this option may also be assisted by 
preplanning of modeling scenarios in the design 
analysis ; operation and maintenance and 
emergency response plans 


Substitute : Consideration for tankers to be filled at 
a failed works or divert toxic influent into spare 
tank and for tankers to discharge at another. In 
some locations, it might be possible to divert flows 
from one catchment to another 

albeit with temporary overland pumping as 
dictated by the emergency response plan and 
escalation of actions as agreed with stakeholders 


Minimise : This relates to determination of the 
source of the pollution through investigation steps 
including implementing an appropriate detailed 
analysis and sampling plan covering such events 
and taking immediate steps to prevent any 
continuing pollution and a re-occurrence 


4 Structural Failure — Blocked / collapse pipes / tanks 


Moderate: All water retaining tanks to be 
regularly inspected for signs of stress prior to any 
failure ; in addition as part of criticality plan to 
ensure that all adequate sewer repair 

lengths and couplings are available and, 
emergency mobile pumps and hoses etc are 
available ( ie as per agreed schedule of availability 
of warehouse covering spare parts, sewer repair 
lengths, couplings etc. ) 

According also to a synergy and cross referencing 
between asset management and O & M plans to 
specify according to the situation for on site teams 
to repair or clear the blocked / collapsed tank or 
pipe and any localised flooding could be dealt by 
re-directing the incoming flow from the failed unit 
or for consultant/contractor to effect an 
emergency repair and/or prepare designs and 
implement asset replacement.. 


5 Gas Leaks 


For example methane, chlorine or high hydrogen 
sulphide alarms in the process units or atmospheric 
monitoring stations within the sites 


a. Prior to an emergency: 

i. Ensure that alarms are operable, breathing 
equipment is available and that staff are fully 
trained in the required response; 

ii. Have on site a wind sock or other device for 
ascertaining the direction of the wind; 

iii. Liaise with all stakeholders connected with 
emergency services on emergency procedure. 
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b. During an emergency ( according to the defined 
strategic and response team role ) 

i. Ascertain the extent of the damage and the 
consequences including plan of response for 
dealing with staff affected by the leakage and for 
the site response leader to adopt the controlling 
and management of the incident; 

ii. If the consequences will have an effect upon the 
neighbouring area, the emergency response plan 
should cover the appropriate notifications and 
evacuation procedures; 

iii. Site staff involved in the implementation of the 
emergency response plan and depending upon the 
severity and criticality of alarms according to the 
plan if of tactical response then wearing breathing 
apparatus and when safe to do so, isolate the 
cause of the leak; if of strategic level response then 
evacuating the area and as per the response plan 
calling in the civil defence / emergency ambulance 
services 

iv. When safe to do so, isolate the tank and re- 
direct the gas for safe disposal, 

v. Assess the extent of any damage and ascertain if 
a repair can be affected. 


6 Loss of Treatment Process 


This refers to a significant loss of process capability 
for example lifting capacity at the inlet works, or at an 
intermediate pumping station, loss of blowers or 
major pumps or process units eg loss of de-watering 
capacity 


a. Prior to an emergency allow for: 

i. Vulnerability assessment of equipment and 
evaluation of redundancy in plant or availability in 
stock of spares 

ii. Ensure that a schedule is available of plant hire 
companies - Boilerplate contracts for example 
could be drafted for situations that may occur and 
kept available for adaptation to specific 
circumstances when necessary. This could save 
time and effort that would otherwise be 
necessary to prepare from “scratch” during an 
incident 

iii. Operation & Maintenance and emergency 
response plan developed to include response 
actions eg emergency holding tanks etc 

b. During an emergency: 

i. Ascertain the cause and consequence of failure 
eg loss of lifting capacity and the consequences; 
ascertaining the extent to which the sludge can be 
retained within the process units; 

ii. Where “spare” treatment capacity is available, 
redirect the wastewater incoming flow; 

iii. Use mobile pumps to lift the influent to the next 
stage of the works, and 

iv. If failure is due to power failure, link in 
emergency generators 
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7 Loss of IT systems 


In general, when information technology (IT) 
vulnerabilities are addressed, robust and flexible 
technology solutions can be assured to continue to 
support business functions under a wide variety of 
conditions 


Single points of failure in the supervisory control 
and data acquisition (SCADA) system 

Periodic identification and back up of “operational- 
critical” applications, databases, 

and to an off-site facility 

Vulnerability/penetration tests on SCADA systems 
The SCADA system connection to the LAN/WAN 
Secure locations for the SCADA system 
components (RTUs, central monitoring) 


3. 2 Water Treatment and Supply 


As above the below provides an general suggestion of checklists — It is of course very important that there should 
be a well developed and implemented emergency response plan for the site which details the plans and actions 


required for all such events 


Issue 


Y/N 


Comments 


Moderate 


Substitute 


Minimize Simplify 


1.0 Distribution Line Failure 


Following the assessment of the reason for the 
interruption, the cause and whether it can be 


rectified the service level impacts including HSE issues 
would be already identified as part of the preplanning 


Response items would involve resource and asset 
requirements such as location and operability of 
isolating valves , draining down issues etc 


a. Prior to an emergency : 

i. Vulnerability assessment with consideration of 
various scenarios of deteriation in situations and 
how the problems can worsen - this may require 
GIS/network modeling to assess service impacts 
iii. Consider PR implications and actions required of 
Customer services/ Public relations(if appropriate ) 
iii. Ensure that a schedule is available of actions 
and required resources - Boilerplate contracts if 
required with contractors for example could be 
drafted for situations that may occur and kept 
available for adaptation to specific circumstances 
when necessary. This could save time and effort 
that would otherwise be necessary to prepare 
from “scratch” during an incident 

iv. Evaluation of redundancy in network or 
availability in stock of spares 

v. Operation & Maintenance and emergency 
response plan developed to include response 
actions eg emergency holding tanks etc 

b. During an emergency: 

i. In conjunction with Operations and control room 
staff what are the current reservoir levels, how 
long are supplies likely to last subsitute actions eg 
tankers on standby; 

ii. Implement “spare” treatment / distribution 
capacity if available 
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2 Water Quality Failure 


This would be linked to the implementation of water 
quality safety plans (in line with the principles of 
HACCP ) and of course the integration of the O & M 
and water quality sampling & analysis and emergency 
plans 


a. Prior to an emergency : 

i. Vulnerability assessment with consideration of 
various scenarios of deteriation in situations and 
how the problems can worsen - this may require 
GIS/network modeling to assess service impacts to 
the network, how the spread can be limited and 
the pre-planning of actions such as alternative 
supplies , what reservoirs need emptying and how 
and flushing mains programmes etc 

iii. Consider PR implications and actions required of 
Customer services/ Public relations(if appropriate ) 
iii. Ensure that all stakeholders including the water 
quality safety plan driven by the chemist and the O 
& M , emergency response plans are integrated for 
schedule of proposed preplan actions 

b. During an emergency: 

i. The actions would be dependant upon site 
specific requirements as developed with the 
emergency response plan ( for example alternative 
supplies , impacts (if appropriate ) to reservoirs 
and network flushing and cleaning etc etc 


3. Reverse Osmosis Treatment 


When feed water quality and operating parameters — 
pressure, temperature, differential pressure and 
recovery are constant, permeate flow rate and 
permeate quality should be within an acceptable 
tolerance of the suppliers recommended values 
without substantial fluctuations or trends to change 
performance 

Frequency of normalizations based upon assessment 
of the operation and maintenance log book on time 
and date of events will also depend on extent and 
frequency of variations in feed quality and operating 
conditions such as feed water quality ( composition of 
monovalent and polyvalent ions, suspended solids, 
fouling index , SDi, Langelier saturation index (LSI); 
Ryznar Stability Index (RSI); Puckorius Scaling Index 
(PSI); and other aggressive indices, feed pH, 
temperature , pressure, recovery ( conversion ) ratio 
and permeate flow rate, salt rejection and salt 
passage measures etc 


Mitigation measures : Monitoring of the operating 
parameters would provide the only means of a 
solid basis for evaluating RO performance. 
Recognised deviant performance trends for salt 
passage, permeate flow or pressure drop would 
enable timely selection of countermeasures as per 
the supplier's trouble shooting guidelines and 
guidelines for operation and maintenance in order 
to avoid irreversible damage to membrane 
elements or other system components ( the later 
for example with particular respect to 
considerations for cleaning eg evaluation 
measures for the effectiveness of cleaning ( eg 
foulant levels of metal hydroxides, inorganic 
colloids, organic or bacterial matter scaling , 
permeate flow rates and solute rejection etc -ie 
also linked to preservation and concentration of 
conservation solutions , operating conditions 
before shutdown and duration of conservation ) 
and maintenance issues such as record of routine 
and corrective maintenance, mechanical / welding 
failures and replacements, change of element 
locations etc etc ) 


The emergency response plan for RO membranes 
would be dependant upon the suppliers criteria for 
quality of plant monitoring and in order to 
evaluate in particular normalized performance 


128 


data and actual system data for detecting trends 
early it would be important to ensure the O & M/ 
emergency response plan includes SIMPLIFIED 
measures such as systematic graphical monitoring 
charts 

Recommended procedures would be as required 
to be developed with the supplier covering any 
possible deviant events in down stream such as 
variations in individual ions ( and flushing needs ) ; 
fluctuation pressure ( or possible water hammer ) 
and need for automation and control sequence of 
valve operations etc etc 


4. Loss of Power 


Moderate : ensuring adequate on-site generating 
capacity for essential plant / critical drives eg on 
site electrical standby generation with appropiate 
maintenance scheduling or arrangement with hire 
companies from whom plant and equipment such 
as mobile generators can be obtained. 

Substitute : by having two separate and 
independent electricity supplies into the Works. 


5 Loss of IT systems 


In general, when information technology (IT) 
vulnerabilities are addressed, robust and flexible 
technology solutions can be assured to continue to 
support business functions under a wide variety of 
conditions 


Single points of failure in the supervisory control 
and data acquisition (SCADA) system 

Periodic identification and back up of “operational- 
critical” applications, databases, 

and to an off-site facility 

Vulnerability/penetration tests on SCADA systems 
The SCADA system connection to the LAN/WAN 
Secure locations for the SCADA system 
components (RTUs, central monitoring) 


3. 2 Landfilling - Waste Management 


Clearly ,the best-designed landfill is of little value unless it is constructed and operated properly — from 
perspectives of personnel responsibilities, safety practices, machinery and the overall operations of the landfill 
To show the value of adhering to a specific procedure for all landfill employees there should be 

a list of benefits/consequences that may result from compliance or non-compliance to the procedures 

Landfill sites require careful planning and operation. How a landfill is operated and managed effects the public 


health, environment and economics. 


Some basic issues , which apply to any type of waste landfill are as follows . 


e Apropiate documentation , monitoring and control is important in ensuring that landfill sites are 
operated and managed safely, efficiently and effectively from both the technical and financial 


perspectives. 


e The rate and method of waste deposition for landfill sites should be considered in terms of its 
minmizing its impacts to the environmental and general public health and safety. 


Landfill operations need to be reviewed with respect to optimizing the usage of land space and should consider the 
optimisation of multiple issues such as landfill placement, compaction and covering and the types / 
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characterization of the wastes. Some general problems associated with landfill sites which do not have proper 


operational and management plans can be described as follows : 


- Poor usuage of landfill space. 


- Lack of control and monitoring of vehicle reception and offloading. 


- Poor security and supervision and entry to scavengers 


- Lack of control and inspection of waste leading to mixing of both general and hazardous wastes 
from both industry and community sources — giving rise to associated risks through the incorrect 


handling and disposal. 


- High risk to the health and safety of both the staff and users of the landfill sites through unsafe 


landfill practices. 


- Environmental impact of an incorrect operated and managed landfill can be through both direct 
and indirect, short term and long term effects - ie odours, groundwater contamination etc 


The objectives of reviewing and studying the existing operation of the landfill sites and producing management / 
emergency contingency plans can be outlined as follows : 


- To ensure the cost effective and efficient operation of the sites with respect to the usuage of 


land , equipment and manning resources. 


- To ensure the minimsation of risks to the public health and safety of the staff and users of the 
landfill sites through the adoption of working procedures and instructions that ensure the 


implementation of best practices. 


- To ensure the sustainable development of the landfill sites through the adoption of appropiate 


plans and strategies 


- To implement the high standards of quality and professionalism of best landfill practices. 


Issue 


Y/N 


Comments 


Minimize Substitute | Moderate 


Simplify 


1.0 Unknown quantity / quality of waste disposal 


The types and quantity of all waste should be 
recorded to provide for a continuing assessment of 
waste inputs and with cover requirements as well 
as enabling predictions to be made on rate of 
filling, engineering requirements and future 
restoration. (The rate of filling may be determined 
from the records obtained from a weighbridge and 
by measured / regular surveys of the site void. ) 


Simplify : Recording and monitoring should reflect 
the inspections made to ensure that wastes 
deposited are only those permitted . 


2 Ineffective use of landfill space 


Although the actual sequence of land filling will 
depend on many factors such as the topography, 
weather conditions, traffic flow. 


Moderate Good planning and its 
implementation is essential to ensure that site 
roads are located and maintained where they 
are required. Eg access roads leading to the 
working face of the disposal area should 
provide effective traction for the vehicles 


The working face should be sufficiently 
extensive to permit vehicles to maneuver and 
unload quickly and safely without impeding 
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refuse spreading and compaction and allowing 
site equipment to be operated easily. The size 
and operation of the working face should be 
regularly reviewed as part of the recording 
and inspection of the site activities. 

Operating a cellular method of filling should enable 
waste to be deposited in a tidy manner; preferably 
bunds, walls or some form of demarcation should 
be created to define, restrain and conceal the 
active waste tipping area and optimize the void 
space age. Bund walls would be created by the 
utilization of suitable incoming waste or by the use 
of cover material which could be removed at the 
end of the day and used as the face cover. 

The design and operation of the cells should 

be influenced by the rate of waste input and 

its absorptive capacity, number of incoming 
vehicles and sufficient space for safe turn- 
round of vehicles. 


3. Environmental nuisance 


This refers to uncontrolled environmental effects on 
internal or external receptors — for example odour, 
fly ( vector ) nuisance, leachate etc 


Mitigation measures : Mitigation measures would 
normally be developed as part of the 
environmental impact assessment process for the 
regulatory and concerned stakeholders this would 
include the design , operation and emergency 
response planning in accordance with required 
standards ( example include the design of lining 
and operational monitoring of groundwater 
boreholes and leachate control programmes ) 


Necessary precautions include for example as 
part of the O & M and emergency planning the 
use of daily cover ass 

e It improves the appearance of the site and 
minimized windblown litter. 

e Depending on the type of material used, 
movement of vehicles over the waste can be 
facilitated. 

e It will inhibit any pest control nuisance (e.g. 
from flies in particular). 

e It will help to reduce landfill odors. 

e It will minimize the risk of fire. 


4. Vehicle Safety 


Typically, ( subject to the most efficient and 
economic heavy plant for the particular application ) 
landfill sites may use vehicles such as steel wheeled 
compactors, tracked bulldozers, rubber tyred front 
wheel loaders (shovellers). 


Simplify : All staff and users of the landfill site 
should be fully aware of site safety regulations. 
These need to be displayed also to the users of the 
sites; this perhaps will require site boards and 
instructions. Examples of which need to be 
included in the site operation plan include issues 
such as Speed limits and control ( eg working areas 
at a landfill site is dangerous since people and 
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vehicles are maneuvering in close proximity to 
each other ) , Overhead power lines (Raising tipper 
lorries and tail gates of waste collection vehicles) ; 
Lack of stability possible for large vehicle whilst 
discharging their waste ; or the issue of 
Overloaded vehicles and their stability, where in 
particular the surface of landfill may be unsuitable 


Simplify : Removable poles can be considered as a 
means of signboarding the working face and 
ensuring vehicles only discharge in the designated 
areas and do not travel over any unstable area.. 


5 Fires/explosions 


In general, this would considered as part of the risk 
assessment (health and environmental) for the site 
and actions made as appropiate 


Fire Remediation Measures include proposal for 
permanent intrusive monitoring points and a 
programme for long term monitoring and 
progressive containment of, and quenching of the 
fires. This would involve the agreeing the Trigger 
Levels in order to monitor the success of the 
remedial actions. For example , the England and 
Wales Environment Agency states in their guidance 
(Technical Guidance Note TGNO4, ) concentration 
of 25 ppm CO as a level above which the operator 
should seek further evidence of the underground 
fire. The American guidance “Landfill Fires — their 
Magnitude, Characteristics and Mitigation” advises 
to treat as suspicious levels of CO between 100 and 
1000 ppm 


Moderate : Operation and Maintenance plan 
include use of thermal imaging for subsurface 
temperature monitoring and f Installation of 
permanent observation/monitoring points in 
selected locations for carbon monoxide presence 
with portable instrumentation and chemical 
indication tubes. As well as Instigation of collecting 
of the data from these monitoring points (gas 
composition, carbon monoxide, temperature) in 
order to observe effects of the remedial measures 
undertaken these for example can also constitute 
vertical wells, possibly prepared for later 
controlled gas distribution or pumping of leachate 
or other sources of water used to quench the 
effects of possible underground fires. 


Substitute : Based upon above, consideration of n 
of installation series of shallow wells connected 
with header pipes, designed for introducing large 
volumes of liquids with suppressant agent into the 
affected areas. ( based upon criteria of maximum 
flexibility for further operation ) 
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Minimise : Based upon the above O & M and 
emergency planning consideration may be for 
ensuring supply of liquid with suppressant agent 
and possibly foam supply to carry out remedial 
actions.. 
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